tag:blogger.com,1999:blog-23387278797493680482024-03-14T01:14:06.086+08:00ECS Installation Manual墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.comBlogger79125tag:blogger.com,1999:blog-2338727879749368048.post-42371336014235147882021-04-01T17:06:00.009+08:002021-04-02T10:48:50.523+08:00Microsoft 365 open source replacement - Part 1 - Solution Design<p><span style="font-family: Roboto Condensed;">This is an open source solution as an alternative to Microsoft 365.</span></p><p><span style="font-family: Roboto Condensed;">Here is the overview of the solution.</span></p><p><span style="font-family: Roboto Condensed;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: Roboto Condensed;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicVlWdsQBeypuqn6dRKSWgBIRDRLlkFjKBxCqav_yjApwQdbaydzKi491YDPCuqT0H8mYxL5URRn0kKHgkEEhCX31Hc-RbGiJxde3w0UfdW-YnPIPnhYRS2aiqDn802i-b8kzqFVZLvro/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="781" data-original-width="1113" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicVlWdsQBeypuqn6dRKSWgBIRDRLlkFjKBxCqav_yjApwQdbaydzKi491YDPCuqT0H8mYxL5URRn0kKHgkEEhCX31Hc-RbGiJxde3w0UfdW-YnPIPnhYRS2aiqDn802i-b8kzqFVZLvro/s16000/image.png" /></a></span></div><span style="font-family: Roboto Condensed;"><br />Let me introduce the function of each components.</span><div><span style="font-family: Roboto Condensed;"><br /></span></div><div><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Cloudflare</span></h3><p></p><p><span style="font-family: Roboto Condensed;">First of all , we use Cloudflare as our first line of defend. The free plan include SSL certificate , Global CDN and Unmetered mitigation of DDoS attacks with up to 59 Tbps capacity.</span></p><p><span style="font-family: Roboto Condensed;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: Roboto Condensed;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLPhCkkw-jQrIWKxsKOVwY_qi1PMoXBKl5CmCED9y7rdO8-AC5oeK46Vj1Ac-GJ285r5k6YB_bu5mCrz7XY_18teU7i5F4xSXREgVcpIcPJ17FDQ7-djayfxJ5qthtbZ9L6g2QRhh53Qs/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="341" data-original-width="938" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLPhCkkw-jQrIWKxsKOVwY_qi1PMoXBKl5CmCED9y7rdO8-AC5oeK46Vj1Ac-GJ285r5k6YB_bu5mCrz7XY_18teU7i5F4xSXREgVcpIcPJ17FDQ7-djayfxJ5qthtbZ9L6g2QRhh53Qs/s16000/image.png" /></a></span></div><span style="font-family: Roboto Condensed;"><br /></span><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;"> Nginx</span></h3><p></p><p><span style="font-family: Roboto Condensed;">Master nginx will act as the reverse proxy for most of the services. So that you wouldn't need to configure ssl certificate for each of the services behind the nginx. And you can configure a lot of settings here, for example, limit service access by incoming ip address , fault tolerance and load balance the service.</span></p><p><span style="font-family: Roboto Condensed;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAz_oT-_3GW39uHt8u9sVz7xflNZEXki1_h__P2hc-IDlK7RpCRvKDv0Z8Q_Bazatpxz5E9LmyS87xuKa1Fv1jYyqchu1UntE-_ix6wNMpM0qO5a4i1a8zvXFoYX9UmFKAn_NHgGPbHes/s671/download.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="592" data-original-width="671" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAz_oT-_3GW39uHt8u9sVz7xflNZEXki1_h__P2hc-IDlK7RpCRvKDv0Z8Q_Bazatpxz5E9LmyS87xuKa1Fv1jYyqchu1UntE-_ix6wNMpM0qO5a4i1a8zvXFoYX9UmFKAn_NHgGPbHes/s16000/download.png" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">This is a example if you need HA or load balance</td></tr></tbody></table><br /></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: Roboto Condensed;"><br /></span></div><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Authelia</span></h3><p></p><p><span style="font-family: Roboto Condensed;">Authelia will work together with Nginx to provide 2FA protection for the services that don't support 2FA. For our case here, Guacamole, Bookstack and LDAP Manager do not have 2FA, so we will shield it with Authelia.</span></p><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Zimbra</span></h3><p><span style="font-family: Roboto Condensed;">Zimbra Collaboration is a collaborative software suite that includes an email server and a web client. In my solution, we mainly rely on the email server and the web base user friendly admin console.</span></p><p><span style="font-family: Roboto Condensed;">You can replace it a more simple email server which require less resources and able to run on docker. Please refer to the link below.</span></p><p><span style="font-family: Roboto Condensed;"><a href="https://guide.ecsmy.com/2020/08/setup-mail-server-with-ldap.html" target="_blank">Setup mail server with ldap authentication in docker</a></span></p><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Nextcloud</span></h3><div><span style="font-family: Roboto Condensed;">The purpose for nextcloud is for user to synchronize their personal file into the server as a backup and also encourage user to make use of the online platform for document editing. Although nextcloud support group folder but that is not encourage.</span></div><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Onlyoffice</span></h3><p><span style="font-family: Roboto Condensed;">Nextcloud with onlyoffice document server addon, will enable user edit office document store in the nextcloud using browser. Multiple user are able to work on the same at the same time. The free version of onlyoffice document server support up to 20 concurrent connections.</span></p><p><span style="font-family: Roboto Condensed;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://i.ytimg.com/vi/8z1iLv32J2M/maxresdefault.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="450" data-original-width="800" src="https://i.ytimg.com/vi/8z1iLv32J2M/maxresdefault.jpg" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">Multiple user able to work on a file at the same time</td></tr></tbody></table></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: Roboto Condensed;"><br /></span></div><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Collabora Online Development Edition (CODE)</span></h3><p></p><p><span style="font-family: Roboto Condensed;">Collabora Online is a powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats, which you can integrate into your own infrastructure. Key features are collaborative editing and excellent office file format support.<br /><span style="font-family: Roboto Condensed;"><br />The free version of the </span>Collabora Online Development Edition.</span></p><p><span style="font-family: "Roboto Condensed";">You can install only Onlyoffice or Collabora. When you install both, if Onlyoffice is run out of connection, user can still use Collabora for document editing.</span></p><h3 style="text-align: left;"><span style="font-family: "Roboto Condensed";">Bookstack</span></h3><p><span style="font-family: Roboto Condensed;">BookStack is a simple, self-hosted, easy-to-use platform for organizing and storing information.</span></p><p><span style="font-family: Roboto Condensed;">I would suggest to store companies information using bookstack so that your user wouldn't take away all your information by just copy files and folder. Bookstack support versioning and access control.</span></p><p><span style="font-family: Roboto Condensed;">Bookstack also support diagram.net integration, so if you need to draw diagram frequently as part of the documentation, you will like this integration.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dxrguqc1Hi13ICOD7lm7p__vvfBQfOZw9xk9j5WTfGIyvxQqeH7fZ_DE-sHK4KFiFbG2E0F8oX_SiOgZOWNSg' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div><br /><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">LDAP Manager</span></h3><p></p><p><span style="font-family: Roboto Condensed;">LDAP manager is just a web interface for administrator to create or modify user account. And user will use this web interface for password changing.</span></p><h3 style="text-align: left;"><span style="font-family: Roboto Condensed;">Guacamole</span></h3><div><div><span style="font-family: Roboto Condensed;">Last but not least , Guacamole for IT guy like us. I found that it is very troublesome to look for SSH or RDP client whenever we need to perform some simple task or troubleshooting issue. So I decided to have Guacamole as my web base ssh client.</span></div></div><div><span style="font-family: Roboto Condensed;"><br /></span></div><div><span style="font-family: Roboto Condensed;"><div>Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. They call it clientless because no plugins or client software are required. Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.</div></span></div><div><span style="font-family: Roboto Condensed;"><br /></span></div><div><span style="font-family: Roboto Condensed;">This will be the end of part one. I will share the installation of each components in part two.</span></div><div><span style="font-family: "Roboto Condensed";"><br /></span></div><div><span style="font-family: "Roboto Condensed";"><br /></span></div><div><span style="font-family: "Roboto Condensed";"><br /></span></div><div><span style="font-family: "Roboto Condensed";">---</span></div></div>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-31253011355936213732020-08-10T16:31:00.002+08:002020-08-10T16:31:31.328+08:00Setup mail server with ldap authentication in docker<p>Getting an email server to run in docker is easy but getting an email server with ldap authentication to run in docker spend me a week to get up and running.</p><p>Here are the steps that I taken. I will assume you already know how to install docker.</p><h2 style="text-align: left;">Install LDAP.</h2><p><span style="font-family: courier;">docker run \<br /></span><span style="font-family: courier;"> --detach \<br /></span><span style="font-family: courier;"> --restart unless-stopped \<br /></span><span style="font-family: courier;"> --name openldap \<br /></span><span style="font-family: courier;"> -e LDAP_ORGANISATION=domain \<br /></span><span style="font-family: courier;"> -e LDAP_DOMAIN=domain.com \<br /></span><span style="font-family: courier;"> -e LDAP_ADMIN_PASSWORD=complex-password \<br /></span><span style="font-family: courier;"> -e LDAP_RFC2307BIS_SCHEMA=true \<br /></span><span style="font-family: courier;"> -e LDAP_REMOVE_CONFIG_AFTER_SETUP=true \<br /></span><span style="font-family: courier;"> -e LDAP_TLS=false \<br /></span><span style="font-family: courier;"> -p 389:389 \<br /></span><span style="font-family: courier;"> --volume /data/openldap/var_lib_ldap:/var/lib/ldap \<br /></span><span style="font-family: courier;"> --volume /data/openldap/etc_ldap_slapd.d:/etc/ldap/slapd.d \<br /></span><span style="font-family: courier;"> osixia/openldap:latest</span></p><div><br /></div><h3 style="text-align: left;">Install postfix-book schema into the ldap.</h3><div><div><span style="font-family: courier;"># cd /etc/ldap/schema</span></div><div><span style="font-family: courier;"># apt update</span></div><div><span style="font-family: courier;"># apt install vim wget</span></div><div><span style="font-family: courier;"># wget https://raw.githubusercontent.com/variablenix/ldap-mail-schema/master/postfix-book.schema</span></div><div><span style="font-family: courier;"># use vim to remove mailAlias block</span></div><div><span style="font-family: courier;"># mkdir ldif_output</span></div><div><span style="font-family: courier;"># vim schema_convert.conf</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">;add these lines</span></div><div><span style="font-family: courier;">include /etc/ldap/schema/core.schema</span></div><div><span style="font-family: courier;">include /etc/ldap/schema/cosine.schema</span></div><div><span style="font-family: courier;">include /etc/ldap/schema/nis.schema</span></div><div><span style="font-family: courier;">include /etc/ldap/schema/inetorgperson.schema</span></div><div><span style="font-family: courier;">include /etc/ldap/schema/postfix-book.schema</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;"># slapcat -f schema_convert.conf -F ./ldif_output/ -n0</span></div><div><span style="font-family: courier;"># cp ldif_output/cn\=config/cn\=schema/cn\=\{4\}postfix-book.ldif ./postfix-book.ldif</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">;Edited the file /etc/ldap/schema/ldif_out/cn\=config/cn\=schema/cn\=\{4\}postfix-book.ldif to delete the 7 last line and make following changes:</span></div><div><span style="font-family: courier;">dn: cn=postfix-book,cn=schema,cn=config</span></div><div><span style="font-family: courier;">cn: postfix-book</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;"># ldapadd -Y EXTERNAL -H ldapi:/// -f postfix-book.ldif</span></div></div><div><br /></div><h2 style="text-align: left;">Install web base ldap user manager (mainly for user to change password)</h2><div><div><span style="font-family: courier;">docker run \</span></div><div><span style="font-family: courier;"> --detach \</span></div><div><span style="font-family: courier;"> --name=ldap-manager \</span></div><div><span style="font-family: courier;"> -p 8080:80 \</span></div><div><span style="font-family: courier;"> -e SERVER_HOSTNAME=localhost \</span></div><div><span style="font-family: courier;"> -e LDAP_URI=ldap://ip.add.re.ss \</span></div><div><span style="font-family: courier;"> -e LDAP_BASE_DN=dc=domain,dc=com \</span></div><div><span style="font-family: courier;"> -e LDAP_REQUIRE_STARTTLS=FALSE \</span></div><div><span style="font-family: courier;"> -e LDAP_ADMINS_GROUP=admins \</span></div><div><span style="font-family: courier;"> -e LDAP_ADMIN_BIND_DN="cn=admin,dc=domain,dc=com" \</span></div><div><span style="font-family: courier;"> -e LDAP_ADMIN_BIND_PWD=</span><span style="font-family: courier;">complex-password</span><span style="font-family: courier;"> \</span></div><div><span style="font-family: courier;"> -e NO_HTTPS=TRUE \</span></div><div><span style="font-family: courier;"> wheelybird/ldap-user-manager:latest</span></div><div><br /><h2 style="text-align: left;">Install postfix and dovecot.</h2></div><div><div><span style="font-family: courier;"># cat docker-compose.yml </span></div><div><span style="font-family: courier;">version: '2'</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">services:</span></div><div><span style="font-family: courier;"> mail:</span></div><div><span style="font-family: courier;"> image: tvial/docker-mailserver:latest</span></div><div><span style="font-family: courier;"> hostname: mail</span></div><div><span style="font-family: courier;"> domainname: domain.com</span></div><div><span style="font-family: courier;"> container_name: mailserver</span></div><div><span style="font-family: courier;"> ports:</span></div><div><span style="font-family: courier;"> - "25:25"</span></div><div><span style="font-family: courier;"> - "143:143"</span></div><div><span style="font-family: courier;"> - "587:587"</span></div><div><span style="font-family: courier;"> - "993:993"</span></div><div><span style="font-family: courier;"> volumes:</span></div><div><span style="font-family: courier;"> - /data/mailserver/maildata:/var/mail</span></div><div><span style="font-family: courier;"> - /data/mailserver/mailstate:/var/mail-state</span></div><div><span style="font-family: courier;"> - /data/mailserver/maillogs:/var/log/mail</span></div><div><span style="font-family: courier;"> - /data/mailserver/config/:/tmp/docker-mailserver/</span></div><div><span style="font-family: courier;"> environment:</span></div><div><span style="font-family: courier;"> - ENABLE_SPAMASSASSIN=1</span></div><div><span style="font-family: courier;"> - SPAMASSASSIN_SPAM_TO_INBOX=1</span></div><div><span style="font-family: courier;"> - ENABLE_CLAMAV=1</span></div><div><span style="font-family: courier;"> - ENABLE_FAIL2BAN=0</span></div><div><span style="font-family: courier;"> - ENABLE_POSTGREY=1</span></div><div><span style="font-family: courier;"> - ONE_DIR=1</span></div><div><span style="font-family: courier;"> - DMS_DEBUG=0</span></div><div><span style="font-family: courier;"> - ENABLE_LDAP=1</span></div><div><span style="font-family: courier;"> - LDAP_SERVER_HOST=192.168.1.1 # your ldap container/IP/ServerName</span></div><div><span style="font-family: courier;"> - LDAP_SEARCH_BASE=ou=people,dc=domain,dc=com</span></div><div><span style="font-family: courier;"> - LDAP_BIND_DN=cn=admin,dc=domain,dc=com</span></div><div><span style="font-family: courier;"> - LDAP_BIND_PW=</span><span style="font-family: courier;">complex-password</span></div><div><span style="font-family: courier;"> - LDAP_QUERY_FILTER_USER=(&(mail=%s)(mailEnabled=TRUE))</span></div><div><span style="font-family: courier;"> - LDAP_QUERY_FILTER_GROUP=(&(mailGroupMember=%s)(mailEnabled=TRUE))</span></div><div><span style="font-family: courier;"> - LDAP_QUERY_FILTER_ALIAS=(|(&(mailAlias=%s)(objectClass=PostfixBookMailForward))(&(mailAlias=%s)(objectClass=inetOrgPerson)(mailEnabled=TRUE)))</span></div><div><span style="font-family: courier;"> - LDAP_QUERY_FILTER_DOMAIN=(|(&(mail=*@%s)(objectClass=PostfixBookMailAccount)(mailEnabled=TRUE))(&(mailGroupMember=*@%s)(objectClass=PostfixBookMailAccount)(mailEnabled=TRUE))(&(mailalias=*@%s)(objectClass=PostfixBookMailForward)))</span></div><div><span style="font-family: courier;"> - DOVECOT_PASS_FILTER=(&(objectClass=inetOrgPerson)(uid=%n))</span></div><div><span style="font-family: courier;"> - DOVECOT_USER_FILTER=(&(objectClass=inetOrgPerson)(uid=%n))</span></div><div><span style="font-family: courier;"> - DOVECOT_USER_ATTRS=homeDirectory=home,=uid=5000,=gid=5000</span></div><div><span style="font-family: courier;"> - ENABLE_SASLAUTHD=1</span></div><div><span style="font-family: courier;"> - SASLAUTHD_MECHANISMS=ldap</span></div><div><span style="font-family: courier;"> - SASLAUTHD_LDAP_SERVER=</span><span style="font-family: courier;">192.168.1.1</span></div><div><span style="font-family: courier;"> - SASLAUTHD_LDAP_BIND_DN=cn=admin,dc=domain,dc=com</span></div><div><span style="font-family: courier;"> - SASLAUTHD_LDAP_PASSWORD=</span><span style="font-family: courier;">complex-password</span></div><div><span style="font-family: courier;"> - SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=domain,dc=com</span></div><div><span style="font-family: courier;"> - SASLAUTHD_LDAP_FILTER=(&(objectClass=inetOrgPerson)(uid=%U))</span></div><div><span style="font-family: courier;"> - POSTMASTER_ADDRESS=postmaster@localhost.localdomain</span></div><div><span style="font-family: courier;"> - POSTFIX_MESSAGE_SIZE_LIMIT=100000000</span></div><div><span style="font-family: courier;"> cap_add:</span></div><div><span style="font-family: courier;"> - SYS_PTRACE</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: inherit;">I remove the fail2ban and change some of the query.</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;"># docker-compose up -d</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: inherit;">Once the container is up and running , go into the container to modify some settings.</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;"># docker exec -it mailserver /bin/bash</span></div><span style="font-family: courier;"># vim /etc/postfix/main.cf</span></div><div><span style="font-family: courier;"><br /></span>Modify this line, add the <b>reject_sender_login_mismatch</b> at first position, to prevent user can send email as anyone.</div><div><br /></div><div><span style="font-family: courier;">smtpd_sender_restrictions = reject_sender_login_mismatch, permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain<br /></span><br />add this line, so that user can send email not limited to own email address , user can send using alias email address.</div><div><br /></div><div><span style="font-family: courier;">smtpd_sender_login_maps = ldap:/etc/postfix/ldap-aliases.cf</span><br /><br />I am trying to use AWS SES service to send outgoing email, but not sure why the postfix not able to send the correct user name and password. So I route the outgoing email to another postfix container.</div><div><br /></div><div><span style="font-family: courier;">relayhost = 192.168.1.1:2525</span></div><div><br /></div><h3 style="text-align: left;">Install postfix mail relay.</h3><div><br /></div><div><div><span style="font-family: courier;">docker container run -d \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>--restart=always \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>--name postfix \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-e MAIL_RELAY_HOST='email-smtp.ap-southeast-1.amazonaws.com' \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-e MAIL_RELAY_PORT='465' \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-e MAIL_RELAY_USER='username' \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-e MAIL_RELAY_PASS='password' \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-e MAIL_CANONICAL_DOMAINS='domain.com' \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-p 2525:25 \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>tecnativa/postfix-relay</span></div><div><br /></div><h2 style="text-align: left;">Install roundcube as web base mail client.</h2><div><span style="font-family: courier;">docker run -d \</span></div><div><div><span style="font-family: courier;"><span> </span><span> </span>--restart=always \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>--name roundcube \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-e ROUNDCUBEMAIL_DEFAULT_HOST=192.168.1.1 \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-e ROUNDCUBEMAIL_SMTP_SERVER=tls://192.168.1.1 \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-e ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE=1024M \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-v /data/roundcube/config/:/var/roundcube/config/ \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-p 8081:80 \</span></div><div><span style="font-family: courier;"><span> </span><span> </span>-d roundcube/roundcubemail</span></div></div><div><br /></div><div>Once the container is up and running, go into the container to modify some setting.</div><div><br /></div><div><span style="font-family: courier;">docker exec -it roundcube /bin/bash</span></div><div><span style="font-family: courier;"> # vim /var/www/html/config/config.inc.php</span></div><div><br /></div><div>Append these lines at the end of the file, so that roundcube will ignore the cert error.</div><div><br /></div><div><div><span style="font-family: courier;"> $config['imap_conn_options'] = array(</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'ssl' => array(</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'verify_peer' => false,</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'verfify_peer_name' => false,</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>),</span></div><div><span style="font-family: courier;"> );</span></div><div><span style="font-family: courier;"> $config['smtp_conn_options'] = array(</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'ssl' => array(</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'verify_peer' => false,</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>'verify_peer_name' => false,</span></div><div><span style="font-family: courier;"><span style="white-space: pre;"> </span>),</span></div><div><span style="font-family: courier;"> );</span></div></div><div><br /></div><h2 style="text-align: left;">Install nginx.</h2><div><span style="font-family: courier;">docker run -d \</span></div><div><span style="font-family: courier;"><span> <span> </span><span> </span></span>--name nginx \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-p 80:80 -p 443:443 \</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>-v /data/nginx/certs/:/etc/nginx/certs/</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> -v </span>/data/nginx/conf.d/:/etc/nginx/conf.d/</span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> </span>nginx</span></div><div><br /></div><div>The nginx configuration I leave it to you. If you need help on configure the nginx, please leave a comment and let me know.</div><div><br /></div><h2 style="text-align: left;">Manage email account.</h2><div><br /></div><div>The ldap account that need to use for log in mail system and send/receive email.</div><div><br /></div><div>1. Make sure the ldap account has <b><span style="font-family: courier;">PostfixBookMailAccount</span></b> object class.</div><div>2. Add <b><span style="font-family: courier;">mailEnabled</span> </b>attribute<b> </b>and set the value to <b>TRUE </b>.</div><div>3. Add <b><span style="font-family: courier;">mail</span></b> attribute and set the value to the main email address.</div><div>4. Add <b><span style="font-family: courier;">mailalias</span></b> attribute and set the value to the main email address.</div><div>5. Add <b><span style="font-family: courier;">mailalias</span></b> attribute and set the value to any distribution list email address, if needed.</div><div><br /></div><h2 style="text-align: left;">Testing</h2><div>Now you should be able to send/receive email using roundcube web email client and connect using port 143 (imap) and port 587 (smtp) from any email client. Remember to select STARTTLS option.</div><div><br /></div><div>*</div><br />This is not the perfect solution, especially the self sign cert. If you have concern with it , you can buy a cert or get a cert from letencrypt.</div></div><p><br /></p><p>---</p>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-68105044329442298332020-06-02T16:19:00.001+08:002020-06-02T16:19:30.917+08:00Firefox performance issue at fedora 32If you are running firefox in Fedora 32 XFCE spin, you might face performance issue.<div><br /></div><div>I fix it by turn on <font color="#d52c1f" face="courier">gfx.webrender.enabled</font> and <font color="#d52c1f" face="courier">gfx.webrender.all</font> in <font color="#d52c1f" face="courier">about:config</font>.</div><div><br /></div><div>Hope this will help to solve the issue for you.</div><div><br /></div><div><br /></div><div><br /></div><div>---</div>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-52197292568545125172020-05-19T00:06:00.008+08:002021-01-11T02:29:16.902+08:00My note on ffmpeg usage<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiom3_1w9ac3XtGEP6F1Vqqa3ZtKIxds667Hf5HkkwTaYw_wWthoThs8U4Vmi4jvlH8BZ8bS5a_5moIyv_4X8orhfK60HbvJ4O7myfUy9QMNz_eilCd2wwiAdymanDnDDLQ6u5tT4N3WHg/" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="168" data-original-width="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiom3_1w9ac3XtGEP6F1Vqqa3ZtKIxds667Hf5HkkwTaYw_wWthoThs8U4Vmi4jvlH8BZ8bS5a_5moIyv_4X8orhfK60HbvJ4O7myfUy9QMNz_eilCd2wwiAdymanDnDDLQ6u5tT4N3WHg/" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><font size="4"><br /></font></div><div dir="ltr" style="text-align: left;" trbidi="on"><font size="4">Most Common Basic Usage to burn subtitles into video</font></div><pre style="text-align: left;">ffmpeg -i input.mp4 -vf subtitles="sub.srt" output.mp4</pre><div dir="ltr" style="text-align: left;" trbidi="on">with gpu</div><pre style="text-align: left;">ffmpeg -i input.mp4 -c:v hevc_amf -vf subtitles="sub.srt" output.mp4<br />ffmpeg -i input.mp4 -c:v h264_amf -vf subtitles="sub.srt" output.mp4
ffmpeg -i input.mp4 -c:v h264_nvenc -vf subtitles="sub.srt" output.mp4
</pre><pre style="text-align: left;">Use this command to list down gpu option available</pre><pre style="text-align: left;">ffmpeg -f lavfi -i nullsrc -c:v h264_nvenc -gpu list -f null -</pre><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div><div dir="ltr" style="text-align: left;" trbidi="on">Below is the RAW note which I haven't tidy up.</div><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div><div dir="ltr" style="text-align: left;" trbidi="on">Bash Shell Script for convert media file in batch.</div><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div><div dir="ltr" style="text-align: left;" trbidi="on">
for f in *.flv<br />
do<br />
<span style="white-space: pre;"> </span>#echo $f<br />
<span style="white-space: pre;"> </span>#echo ${f%.*}<br />
<span style="white-space: pre;"> </span>ffmpeg -i $f ./done/${f%.*}.mp4<br />
done<br />
<div>
<br />
<br />
rename 's/ACDC/AC-DC/' *.xxx<br />
<br />
To replace # by somethingelse for filenames in the current directory (not recursive) you can use the GNU rename utility:<br />
<br />
rename 's/#/somethingelse/' *<br />
<br />
Characters like - must be escaped with a \.<br />
<br />
ffmpeg -i orig.mkv -filter_complex "[0:v][0:s]overlay=(W-w)/2:(H-h)/10*9[v]" -map "[v]" -map 0:a output.mp4<br />
<br />
<br />
ffmpeg -i 穿越時空的少女The\ Girl\ Who\ Leapt\ Through\ Time\ \(1\).mkv -filter_complex "[0:s]scale=iw/2:ih/2[ovr],[0:v][ovr]overlay=(W-w)/2:(H-h)/10*9.5[v]" -map "[v]" -map 0:a output.mp4<br />
<br />
ffmpeg -i Guardians.of.the.Galaxy.Vol.2.2017.1080p.BluRay.x264.VPPV.mkv -vf subtitles="Guardians\ of\ the\ Galaxy\ Vol.\ 2\ \(2017\)\ \[1080p\]\ \[YTS.AG\].srt" out.mp4<br />
<br />
for f in *.mkv<br />
do<br />
x=$(printf '%q' "$f")<br />
#echo $x<br />
#echo ${f%.*}<br />
#echo "${x%.*}.ass"<br />
#echo ${x%.*}<br />
<br />
ffmpeg -i "$f" -vf subtitles="${x%.*}.ass" /Users/steven/Desktop/Dimension/"${f%.mkv}".mp4<br />
done</div>
<div>
<br /></div>
<div>
<pre class="lang-sh prettyprint prettyprinted" style="background-color: #eff0f1; border: 0px; box-sizing: inherit; color: #393318; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-size: 13px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: inherit; margin-bottom: 1em; max-height: 600px; overflow-wrap: normal; overflow: auto; padding: 5px; vertical-align: baseline; width: auto;"><code style="border: 0px; box-sizing: inherit; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline; white-space: inherit;"><span class="kwd" style="border: 0px; box-sizing: inherit; color: #101094; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">for</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> f </span><span class="kwd" style="border: 0px; box-sizing: inherit; color: #101094; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">in</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">*.</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">mp4
</span><span class="kwd" style="border: 0px; box-sizing: inherit; color: #101094; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">do</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
new</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${f%%.mp4} (CHT).mp4"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
subtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${f%%.mp4}.chi.ass"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
newsubtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${subtitle// /\\ }"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
echo $newsubtitle
secsubtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${newsubtitle//[/\\[}"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
echo $secsubtitle
thirdtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${secsubtitle//]/\\]}"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
echo $thirdtitle
fourthtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${thirdtitle//(/\\(}"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
echo $fourthtitle
fifthtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${fourthtitle//)/\\)}"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
echo $fifthtitle
ffmpeg </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">-</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">i </span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"$f"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">-</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">vf subtitles</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"$fifthtitle"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"$new"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
</span><span class="kwd" style="border: 0px; box-sizing: inherit; color: #101094; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">done</span></code></pre>
</div>
</div>
<pre class="lang-sh prettyprint prettyprinted" style="background-color: #eff0f1; border: 0px; box-sizing: inherit; color: #393318; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-size: 13px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: inherit; margin-bottom: 1em; max-height: 600px; overflow-wrap: normal; overflow: auto; padding: 5px; vertical-align: baseline; width: auto;"><code style="border: 0px; box-sizing: inherit; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline; white-space: inherit;"><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">new</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${f%%.mp4}.CHT.mp4"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
subtitle</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${f%%.mp4}.chi.ass"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
</span><span class="com" style="border: 0px; box-sizing: inherit; color: #858c93; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"># make a temp hardlink to evade `ffmpeg`'s </span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
</span><span class="com" style="border: 0px; box-sizing: inherit; color: #858c93; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"># onerous quoting requirements.</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
x</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">`mktemp -u -p . --suffix=.ass`</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
ln </span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"$subtitle"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> $x
</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"><</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">/</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">dev</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">/</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">null ffmpeg </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">-</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">i </span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"$f"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">-</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">vf subtitles</span><span class="pun" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">=</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">$x </span><span class="str" style="border: 0px; box-sizing: inherit; color: #7d2727; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">"${new}"</span><span class="pln" style="border: 0px; box-sizing: inherit; color: #303336; font-family: inherit; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
rm $x</span></code></pre>
<br />
remain same sound codec<br />
<br />
ffmpeg -i Max\ Steel\ 2016\ 1080p\ BluRay\ x264\ DTS-JYK.mkv -vf subtitles="./Subs/English(SDH).srt" -acodec copy output.mp4<br />
<br />
ffmpeg -i 双瞳.未删剪版.Double.Vision.Unrated.2002.D9.MiniSD-TLF.\(qvocd.com\).mkv -vf subtitles="双瞳.未删剪版.Double.Vision.Unrated.2002.D9.MiniSD-TLF.\(qvocd.com\).mkv":si=0 output.mp4<br />
<br />
Only copy 1 audio stream<br />
<br />
ffmpeg -i Sucker.Punch.BluRay.1080p.x264.5.1.HQ.Judas.mp4 -vf subtitles="Sucker.Punch.BluRay.1080p.x264.5.1.HQ.Judas.srt" -c:a:1 copy output.mp4<br />
<br />
rearrange stream<br />
<br />
ffmpeg -i 济公之神龙再现.mkv -map 0:0 -map 0:2 -map 0:1 -c copy output.mp4<br />
<br />
crf 18<br />
<br />
If you need to delay video by 3.84 seconds, use a command like this:<br />
<br />
ffmpeg.exe -i "movie.mp4" -itsoffset 3.84 -i "movie.mp4" -map 1:v -map 0:a -c copy "movie-video-delayed.mp4"<br /><br /></div><div dir="ltr" style="text-align: left;" trbidi="on">
If you need to delay audio by 3.84 seconds, use a command like this:<br />
<br />
ffmpeg.exe -i "movie.mp4" -itsoffset 3.84 -i "movie.mp4" -map 0:v -map 1:a -c copy "movie-audio-delayed.mp4"<br />
Make sure, that your ffmpeg build is not too old, newer than 2012 will suffice.<br />
<br />
MP4 TO MP4 (MEDIUM)<br />
ffmpeg -i input.mp4 -b 1000000 output.mp4<br />
<br />
M2TS TO MP4<br />
ffmpeg -i input.m2ts -vcodec libx264 -crf 20 -acodec ac3 -vf "yadif" output.mp4<br />
<br />
MP4 TO WEBM (HIGH)<br />
ffmpeg -i input.mp4 -aq 5 -ac 2 -qmax 25 -threads 2 output.webm<br />
<br />
MP4 TO WEBM (MEDIUM)<br />
ffmpeg -i input.mp4 -aq 5 -ac 2 -qmax 35 -threads 2 output.webm<br />
<br />
MP4 TO OGV (HIGH)<br />
ffmpeg -i input.mp4 -vcodec libtheora -acodec libvorbis -q:v 6 -q:a 5 output.ogv<br />
<br />
MP4 TO OGV (MEDIUM)<br />
ffmpeg -i input.mp4 -vcodec libtheora -acodec libvorbis -q:v 2 -q:a 4 output.ogv<br />
<br />
ffmpeg -i video.mp4 -i audio.wav -c:v copy -c:a aac -strict experimental output.mp4</div><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div><div dir="ltr" style="text-align: left;" trbidi="on">ffmpeg.exe -i Liar.Game.The.Final.Stage.2010.720p.BluRay.x264.DTS-WiKi.mkv -c:v h264_amf -crf 18 -vf subtitles="srt.srt" -c:a copy output.mp4</div><div dir="ltr" style="text-align: left;" trbidi="on"><br /></div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-31570439072559974462020-05-14T14:38:00.000+08:002020-05-14T14:38:35.391+08:00Connect 2 monitors to Dell Laptop G3 15 on Fedora 32If you are trying to connect 2 monitors (HDMI + USB C), you might find that only USB C and the laptop monitors is working in Fedora 32. After I search around, here is the simple solution.<div><br /></div><div>Create a file (any file name end with extension .conf) under folder /etc/X11/xorg.conf.d.</div><div><br /></div><div>I name it 11-nvidia-prime.conf. (Copy from ubuntu). Enter the lines below and reboot. </div><div><br /></div><div style="text-align: left;"><pre>[root@localhost xorg.conf.d]# cat 11-nvidia-prime.conf<br />Section "OutputClass"<br /> Identifier "Nvidia Prime"<br /> MatchDriver "nvidia-drm"<br /> Driver "nvidia"<br /> Option "AllowEmptyInitialConfiguration"<br /> Option "IgnoreDisplayDevices" "CRT"<br /> Option "PrimaryGPU" "Yes"<br />EndSection</pre><div><br /></div></div><div>I believe this solution should be working for Fedora 25 and above.</div><div><br /></div><div>Leave me a message if you have question.</div>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-43273781783289170982019-08-26T16:40:00.000+08:002019-08-26T16:41:20.697+08:00Using zabbit agent, not able to retrieve value from nmap command.<div dir="ltr" style="text-align: left;" trbidi="on">
Recently I've playing with zabbix installation and I faced this issue.<br />
<br />
From the Zabbix agent issue command<br />
<br />
<b><i><span style="color: #073763; font-size: large;">zabbix_agentd -s zabbix-agent -k "openvpn[x.x.x.x]"</span></i></b><br />
<br />
manage to retrieve text value.<br />
<br />
But from the zabbix server issue command<br />
<br />
<b><i><span style="color: #073763; font-size: large;">zabbix_get -s zabbix-agent -k "openvpn[x.x.x.x]"</span></i></b><br />
<br />
empty value return from the zabbix agent.<br />
<br />
The zabbix script look like this.<br />
<br />
<span style="color: #073763; font-size: large;"><b><i>Timeout=30</i></b></span><br />
<span style="color: #073763; font-size: large;"><b><i>UserParameter=openvpn[*],nmap -sT $1 -p 443 |grep 443 | awk -F " " '{print $$2}'</i></b></span><br />
<div>
<br /></div>
<div>
After searching the around, i found the solution.</div>
<div>
<br /></div>
<div>
First add the capabilities to Nmap.</div>
<div>
<br /></div>
<div>
<b><span style="color: #073763;">sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/bin/nmap</span></b></div>
<div>
<br /></div>
<div>
Then add additional parameter into the script.</div>
<div>
<br /></div>
<div>
<div>
<span style="color: #073763; font-size: medium;"><b><i>Timeout=30</i></b></span></div>
<div>
<span style="color: #073763; font-size: medium;"><b><i><span style="color: #073763;">UserParameter=openvpn[*],nmap </span><span style="color: white; font-size: large;">--privileged</span><span style="color: #073763;"> -sT $1 -p 10443 |grep 10443 | awk -F " " '{print $$2}'</span></i></b></span></div>
</div>
<div>
<br /></div>
<div>
Once the agent restarted, the script will be working again.</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
---</div>
</div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-14195977143800097422019-08-14T18:20:00.001+08:002019-08-14T18:20:43.449+08:00How to allow non root user to execute hping command ?<div dir="ltr" style="text-align: left;" trbidi="on">
If you run <span style="font-size: large;"><b><i>hping</i></b> </span>command without root permission or without sudo and you receive this error :<br />
<br />
<span style="color: red;">[open_sockraw] socket(): Operation not permitted</span><br />
<span style="color: red;">[main] can't open raw socket</span><br />
<div>
<br /></div>
This command might be able to help you.<br />
<br />
<i><b><span style="font-size: large;">sudo setcap cap_net_raw+ep /usr/bin/hping3</span></b></i><br />
<br />
(or any location of the hping command)<br />
<br />
setcap command is to set file capabilities.<br />
<br />
<blockquote class="tr_bq">
<b><span style="color: #073763;">What are filesystem capabilities?</span></b> </blockquote>
<blockquote class="tr_bq">
For the purpose of performing permission checks, traditional Unix implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is non-zero). Privileged processes bypass all kernel permission checks, while unprivileged processes are subject to full permission checking based on the process's credentials (usually: effective UID, effective GID, and supplementary group list). </blockquote>
<blockquote class="tr_bq">
Starting with kernel 2.2, Linux divides the privileges traditionally associated with superuser into distinct units, known as capabilities, which can be independently enabled and disabled. Capabilities are a per-thread attribute.</blockquote>
<div>
<br /></div>
I believe all command that need to open raw socket, by using the method above will be able to allow non root user to run the command.<br />
<br />
<br />
<br />
---<br />
<br /></div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-48316566767432073852019-08-09T15:22:00.001+08:002019-08-09T15:22:26.115+08:00Magic Quadrant for WAN Edge Infrastructure<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
<span style="font-size: x-large;">Magic Quadrant for WAN Edge Infrastructure - Gartner</span></div>
<div style="text-align: left;">
Published 18 October 2018 - ID G00351467 - 61 min read</div>
<div style="text-align: left;">
<span style="font-size: x-small;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #3d85c6; font-size: large;"><b>WAN edge infrastructure is changing rapidly as I&O leaders responsible for networking face dynamic business requirements, including new application architectures and on-premises and cloud-based deployment models. I&O leaders can use this research to identify vendors that best fit their requirements.</b></span></div>
<div style="text-align: left;">
<span style="color: #3d85c6; font-size: large;"><br /></span></div>
<div style="text-align: left;">
<span style="font-size: x-large;">Strategic Planning Assumption</span></div>
<br />
By year-end 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on virtualized customer premises equipment (vCPE) platforms or software-defined WAN (SD-WAN) software/appliances versus traditional routers (up from less than 40% today).<br />
<br />
<span style="font-size: x-large;">Market Definition/Description</span><br />
<br />
WAN edge infrastructure enables network connectivity from distributed enterprise locations to access resources in both private and public data centers as well as cloud (as a service). It is typically procured by senior networking leaders within an infrastructure and operations (I&O) organization. This market has evolved from traditional branch routers (often called “customer edge routers” in a Multiprotocol Label Switching [MPLS] implementation), and is undergoing dramatic change, driven by the needs of digital business transformation and the demands of line-of-business managers.<br />
<br />
This market transition has seen the influx of incumbent and emerging vendors from multiple markets (routing, security, WAN optimization, SD-WAN), each bringing its own differentiators and limitations. Gartner often sees two or three incumbent and one or two emerging vendors competing for each customer opportunity. As a result, we have created the first Magic Quadrant to cover this market.<br />
<br />
The market for branch office wide-area network functionality is shifting from dedicated routing, security and WAN optimization appliances to feature-rich SD-WAN and vCPE platforms. WAN edge infrastructure now incorporates a widening set of network functions, including secure routers, firewalls, SD-WAN, WAN path control and WAN optimization, along with traditional routing functionality. Basic and advanced product capabilities are defined in the Inclusion and Exclusion Criteria section. The advanced product capabilities highlight areas of differentiation.<br />
<br />
<blockquote class="tr_bq">
Vendor profiles are not vendor feature matrices, as each vendor brings differing approaches and capabilities. The profiles are meant to highlight factors that will be most relevant to enterprise buyers.</blockquote>
<br />
WAN edge functionality can exist on or off the enterprise premises via physical or virtual appliances, and is typically sourced from network equipment providers (and their channels), network service providers (NSPs) or managed service providers (MSPs). WAN edge infrastructure must be agnostic to the underlying network transport provider and services.<br />
In the North American market, historically more than 60% of deployments are do-it-yourself (DIY), while in much of the rest of the world, a managed service approach is favored. Additionally, large organizations are more likely to favor a DIY approach. As this market has evolved, many companies are now comparing DIY and managed service options as part of the evaluation process. Consequently, a balanced vendor go-to-market approach is required for long-term global viability.<br />
<br />
<span style="font-size: x-large;">Magic Quadrant</span><br />
<br />
<div style="text-align: center;">
<b><span style="color: #cc0000;">Figure 1. Magic Quadrant for WAN Edge Infrastructure</span></b></div>
<br />
<img alt="Magic Quadrant for WAN Edge Infrastructure" border="0" class="doc-img" data-ga-img="Enlarge Image" src="https://www.gartner.com/resources/351400/351467/351467_0001.png?reprintKey=1-5MZL31H" tabindex="0" /><br />
<br />
<br />
<span style="font-size: x-large;">Vendor Strengths and Cautions</span><br />
<span style="font-size: large;"><b><br /></b></span>
<b><span style="color: #3d85c6; font-size: x-large;">Aryaka</span></b><br />
<br />
Aryaka is a privately held company headquartered in San Mateo, California. Aryaka’s SmartCONNECT provides a fully managed SD-WAN network as a service (NaaS) solution to more than 800 customers. SmartCONNECT uses the Aryaka Network Access Point (ANAP) CPE and includes features such as application acceleration, data loss mitigation and SmartACCESS, which is a clientless SD-WAN solution for mobile employees. SmartCONNECT is based on Aryaka’s global network backbone. Customers connect securely to a local point of presence (POP) for both branch connectivity and direct cloud provider (i.e., as a service) gateway access. Noncritical traffic and latency-insensitive traffic can be can be offloaded from the Aryaka backbone to the internet. In addition to SmartCONNECT, Aryaka offers accelerated content delivery services through its SmartCDN product. Aryaka is well-suited for organizations that are geographically widely distributed that want SD-WAN plus WAN optimization controller (WOC) delivered as a service.<br />
<br />
<span style="font-size: large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Aryaka’s NaaS approach to SD-WAN provides a managed turnkey solution that can accelerate the deployment and integration of technology, and provides a WAN backbone infrastructure purposefully designed around application access and acceleration.</li>
<li>Aryaka supports customers not located in a geography covered by one of its POPs by enabling connectivity to infrastructure as a service (IaaS) resources directly via a IPsec tunnel with integrated WAN path conditioning, which can reduce the effects of increased latency.</li>
<li>SmartCONNECT service provides an encompassing feature set including WAN acceleration, SaaS provider gateways, error correction and integration with cloud-based security.</li>
</ul>
<br />
<br />
<span style="font-size: large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>SmartCONNECT may not be a fit for organizations that desire a DIY option for managing WAN edge infrastructure, because granular configuration changes must be made by Aryaka or its partners. The vendor has plans to deliver a self-service portal within the next six months.</li>
<li>Based on client feedback and Gartner’s analysis, Aryaka is not a great fit for companies that have a small number of branches contained in a small geographic region.</li>
<li>The largest current deployment is approximately 500 branches, therefore Aryaka’s solution is unproven for very large deployments as are common at many major retail and financial firms.</li>
</ul>
<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Barracuda</b></span><br />
<br />
Barracuda, based in Campbell, California, is a vendor with more than 18,000 WAN edge customers, serving primarily small and midsize enterprises with its firewall products. Barracuda is privately held by the private equity firm Thoma Bravo. Barracuda offers a broad array of security and data protection products and services. Its flagship WAN edge offering is the CloudGen Firewall appliance (physical and virtual), which includes SD-WAN as a feature, managed by the Firewall Control Center application, and requisite provisioning, control, management and automation. The CloudGen Firewall can be deployed in public cloud deployments, namely Amazon Web Services (AWS), Azure and Google Cloud Platform. Barracuda is relevant to midsize clients in nearly all verticals and should be considered for security-led WAN edge opportunities primarily in North America, Europe and Latin America.<br />
<br />
<span style="font-size: large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Barracuda has strong next-generation firewall (NGFW) capabilities in its WAN edge products, including intrusion prevention system (IPS), SSL inspection and sandboxing, and VPN connectivity through multiple tunnels.</li>
<li>Barracuda focuses on supporting IT organizations with limited technical resources by providing products with simplified operations and aggressive pricing/packaging, backed up with bundled support.</li>
<li>Barracuda scored highly in our customer survey, with users noting quality of support and setup simplicity.</li>
</ul>
<br />
<br />
<span style="font-size: large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Barracuda has limited experience in supporting large-enterprise WANs at scale (more than 250 sites), compared to several vendors in this research.</li>
<li>Based on Gartner’s analysis, Barracuda’s GUI is very firewall-oriented and less intuitive than those of leading WAN edge vendors.</li>
<li>The CloudGen products are only manageable on-premises and through IaaS deployments. Cloud management is planned for 2H19, according to the vendor.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Cato Networks</b></span><br />
<br />
Cato Networks is a small, privately held company based in Tel Aviv, Israel. Gartner estimates it has more than 200 WAN edge customers. The vendor’s flagship offering is Cato Cloud, which incorporates SD-WAN along with several security features including NGFW, secure web gateway (SWG) and anti-malware. The vendor’s offering comprises branch devices called Cato Sockets, which can be hardware or virtual machine (VM) appliances, or a Cato software client for mobile devices. Cato also offers the Cato Cloud service, which includes Cato POPs and a private backbone where security and optimized transport are provided; and requisite management via an over-the-top (OTT) cloud-based platform. Although Cato Networks is one of the smaller vendors profiled in this Magic Quadrant, it is rapidly adding customers and has acquired nearly all its customers in the past 24 months. Cato is relevant to Gartner clients in Asia/Pacific, Europe and North America. Cato should be considered by midsize organizations that are looking for both security and SD-WAN, with less than 100 remote sites.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Midmarket clients like the simplicity and cost of Cato’s offering compared to traditional carrier-based managed WAN offerings.</li>
<li>Cato provides deep and broad security functionality in its product, including SWG, deep packet inspection (DPI), TLS decryption, NGFW, IPS and anti-malware.</li>
<li>The vendor’s vision and roadmap to deliver simplified and unified SD-WAN and self-healing security functionality within the next 18 months align with emerging customers’ needs, particularly in the midmarket.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>The vendor lacks experience and several capabilities compared with competitors in the market. For example, Cato currently does not support T1/E1 legacy interfaces, or WAN optimization. Also, the vendor is inexperienced in large-scale WAN deployments, as nearly all of its deployments are less than 100 sites.</li>
<li>For locations that are not geographically close to a Cato POP (i.e., within 500 km or 25 ms), there can be application degradation. Currently Cato has a very limited number of POPs in Africa and South America.</li>
<li>Cato does not manage last-mile connectivity, which many midmarket customers desire to be bundled with their provider’s equipment. As a result, clients must acquire and manage connectivity to a Cato POP on their own, or leverage one of Cato’s MSP partners.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Cisco</b></span><br />
<br />
Cisco is a large, publicly traded company based in San Jose, California, with more 100,000 WAN edge customers (primarily Integrated Services Routers [ISR] customers) including approximately 1,000 of its flagship Viptela SD-WAN offering. Cisco offers a broad array of infrastructure hardware and software. Its flagship WAN edge networking offering is Cisco SD-WAN powered by Viptela software, running on vEdge routers, ISR/Aggregation Services Routers (ASR) running IOS XE, and Enterprise Network Compute System (ENCS) managed by the vSmart and vManage controllers. The requisite control, management and automation capabilities complement these offerings. For particular use cases, Cisco offers Intelligent WAN (IWAN), its legacy ISR-based SD-WAN product. In line with competitive firewall products with built-in SD-WAN functionality, Cisco also offers Cisco SD-WAN powered by Meraki MX appliances. Cisco is relevant in all verticals and geographies. Cisco should be shortlisted for all WAN edge opportunities globally.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Cisco has a broad portfolio of WAN edge capabilities (routing, unified threat management [UTM], WAN optimization) available in a variety of form factors with support for a broad set of interfaces (including T1/E1), and a broad portfolio of performance characteristics.</li>
<li>Viptela SD-WAN provides proven scalability with rich segmentation and routing capabilities.</li>
<li>The vendor’s vision and roadmap to deliver increasing levels of automation and uniform policy across multicloud environments align with Gartner’s view of emerging customer needs.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Cisco has a broad array of products, options and features (Viptela, Meraki and IWAN), which Gartner clients report is confusing, with multiple code bases and management models with limited integration. Gartner does not anticipate this problem to be alleviated in the next 12 months.</li>
<li>Gartner believes that plans to integrate legacy ISR features into the vEdge code and integration of vEdge Manager into DNA Center could impact the reliability and continuity of the Viptela product platforms going forward.</li>
<li>Since the acquisition of Viptela, Gartner has seen unbundling of features and inconsistent pricing, which result in more complex proposals (eight-line bills of materials [BOMs] versus 40-line BOMs) that may increase the price offered to prospective buyers, based on deals Gartner reviews.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Citrix</b></span><br />
<br />
Citrix is a public company based in Fort Lauderdale, Florida with approximately 500 WAN edge customers. Citrix provides a broad set of products that include application/desktop virtualization, enterprise mobility management, file sharing, and networking and security products. Citrix’s flagship WAN edge products are its NetScaler SD-WAN appliances (physical, virtual and cloud), which are managed via the NetScaler Management and Analytics System (MAS). The solution is cloud-managed and includes optional fully featured WAN optimization. Security is supplied via an integrated stateful firewall in addition to support for SWGs from third parties such as Zscaler and Palo Alto Networks. Gartner recommends global customers in the healthcare, financial sector, manufacturing and retail segments consider Citrix, especially where prior investments have been made in other Citrix products.<br />
<br />
<b><span style="font-size: x-large;">Strengths</span></b><br />
<br />
<ul style="text-align: left;">
<li>NetScaler SD-WAN is managed via the same UI as other Citrix products, which can simplify operations for existing Citrix customers.</li>
<li>NetScaler SD-WAN offers sophisticated link bonding and path conditioning for loss and latency-sensitive applications such as unified communications as a service (UCaaS).</li>
<li>The NetScaler SD-WAN suite of CPE covers enterprise site size requirements, from microbranch through the data center.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Citrix has limited experience with very large deployments (more than 1,000 locations).</li>
<li>NetScaler SD-WAN offers limited dedicated cloud gateway functionality as part of the service (via Microsoft Azure Virtual WAN). Organizations must deploy their own as virtual appliances for AWS and Azure (from the marketplaces or via bring your own license [BYOL]), and must bring their own license for Google Cloud Platform.</li>
<li>Citrix has very limited NaaS with no standard offerings from Tier 1 service providers, which will add infrastructure complexity to potential customers who wish to consume NetScaler NaaS but remain with their incumbent vendor.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>CloudGenix</b></span><br />
<br />
CloudGenix is small, privately held company based in San Jose, California with more than 200 WAN edge customers. CloudGenix is focused primarily on SD-WAN, and its flagship offering includes Instant-On Network (ION) devices, which support SD-WAN functionality as well as basic firewalling capability. Also, the vendor offers a visibility solution as a stand-alone product called CloudGenix Clarity, which can be upgraded to support SD-WAN. ION appliances are available in both hardware and software form factors and also exist in the AWS marketplace. The vendor’s management portal is delivered via an OTT managed service (and can also be on-premises). CloudGenix should be considered by enterprises in North America looking to deploy SD-WAN, especially if application-centric troubleshooting or DevOps integration is a key requirement.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>The vendor provides excellent visibility and application-centric troubleshooting capabilities that can reduce time to resolution as well as reliance on other dedicated tools.</li>
<li>The vendor supports integrations with key DevOps tools including Ansible, Git and Jenkins.</li>
<li>The vendor’s vision and roadmap to deliver increasing levels of DevOps integration and apply machine learning to deliver intent-based WANs and advanced security align with emerging customer needs.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>The vendor has a limited geographic experience and installed base, as more than 90% of its customers are headquartered North America.</li>
<li>CloudGenix has lagged competitors in building out its sales channel, which has dramatically limited adoption of its product. This may continue to limit its growth in the market, particularly outside of North America; although, international expansion is underway.</li>
<li>The vendor lacks several capabilities that competitors offer including support for T1/E1 legacy interfaces, WAN optimization, asymmetric SaaS acceleration, and native SWG and NGFW.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Cradlepoint</b></span><br />
<br />
Cradlepoint is a privately held company headquartered in Boise, Idaho with more than 3,000 WAN edge customers. Cradlepoint offers a broad suite of branch office, mobile and Internet of Things (IoT)-focused products with an emphasis on 4G LTE data networking. Cradlepoint’s flagship WAN edge offering is its NetCloud branch solution, which includes Advanced Edge Routers (AER) appliances, NetCloud Manager, software-defined perimeter overlay and 24/7 support, delivered as a managed service. Cradlepoint also supports DIY implementations. NetCloud Branch can be augmented by NetCloud Perimeter to provide secure device-to-cloud connectivity. Integrated Wi-Fi access points, a firewall and “Wi-Fi as a WAN” are also supported. The NetCloud Manager is delivered as an over-the-top cloud-based service. Cradlepoint should be considered for WAN edge deployments in retail, quick-serve restaurants, public sector, hospitality, healthcare, transportation and financial services. Cradlepoint is suitable for organizations based in North America, Europe and Australia when LTE networking or mobility are important.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Cradlepoint has broad and deep knowledge of wireless networking technologies that enables it to deliver highly optimized solutions, including advanced monitoring and analytics.</li>
<li>Cradlepoint has relationships with major network service providers such as AT&T and Verizon, which extend its market coverage.</li>
<li>Cradlepoint delivers highly integrated, cost-optimized platforms.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Cradlepoint lacks support for legacy T1/E1 interfaces, WAN optimization and link remediation, which are required for many large deployments.</li>
<li>Cradlepoint does not offer a virtual edition of its router software, making it unsuitable for network function virtualization (NFV) or cloud endpoint deployments. The vendor plans to deliver the software in 2H18.</li>
<li>Cradlepoint’s troubleshooting is more cumbersome than the competition and requires logging into individual devices rather than making all information available via integrated application.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>FatPipe Networks</b></span><br />
<br />
FatPipe Networks is a small, privately held company based in Salt Lake City, Utah with more than 1,500 WAN edge customers, primarily in North America. FatPipe offers a broad array of WAN products including secure routers, link aggregators/load balancers and WAN optimization. Its flagship WAN edge offering is the FatPipe SD-WAN, which includes the company’s MPVPN CPE (physical and virtual) and its Symphony orchestrator. The vendor provides a broad portfolio of WAN edge capabilities including requisite provisioning, control, management and automation applications. FatPipe was an early developer of SD-WAN technologies and has deployed its products across multiple industries. FatPipe should be considered for WAN edge opportunities primarily in North America, particularly when integrated security or WAN optimization is required.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>FatPipe was a pioneer in path selection, which is now a key SD-WAN capability; thus, it has extensive expertise supporting hybrid WAN use cases.</li>
<li>FatPipe has a broad set of feature-rich products that have been deployed across customers ranging from multinational corporations to small and midsize businesses (SMBs).</li>
<li>FatPipe offers sophisticated VPN/link bonding combined with fine-grain traffic steering.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>While international expansion is underway, FatPipe has limited market presence outside of North America, which limits the pool of networking personnel familiar with its products. This limits FatPipe’s ability to sell and support its products in geographies outside of North America.</li>
<li>FatPipe has limited experience in complex deployments beyond 100 sites, which limits applicability for many organizations.</li>
<li>FatPipe’s vision and roadmap are very incremental and do not align with Gartner’s view of emerging customer needs. FatPipe is largely focused on WAN edge virtualization and functional consolidation and it has not articulated detailed plans for IoT, improved user experience monitoring and improved automation.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Forcepoint</b></span><br />
<br />
Forcepoint is a privately held company, co-owned by Raytheon Company and Vista Equity partners. The vendor is headquartered in Austin, Texas, with more than 300 WAN edge customers. Forcepoint is a pure-play security company that offers SD-WAN as a feature on its NGFW platform. Its flagship product is the Forcepoint NGFW 321 hardware appliance. The vendor also offers software appliances, supports bare-metal deployment and provides images in the AWS/Azure marketplaces. The vendor provides a deep set of security capabilities including NGFW, DLP, anti-bot and SWG. Forcepoint is relevant to Gartner clients in most geographies, but has a very limited WAN edge installed based in China and Australia. Forcepoint should be considered by customers who want SD-WAN as a feature on their NGFW, or who desire SD-WAN and SWG from a single supplier.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Forcepoint offers its own over-the-top SWG and cloud access security broker (CASB) functionality, either in-branch or as a cloud-resident service, while most competitors rely on a partner (such as Zscaler) for this capability. Thus, Forcepoint can deliver SD-WAN plus SWG via a single supplier.</li>
<li>The vendor maintains a database of more than 7,000 known applications, which is several thousand more than most SD-WAN competitors. This gives the enterprise additional granularity when creating forwarding or security policy.</li>
<li>Based upon customer feedback, Forcepoint’s NGFW platform has demonstrated consistently good feature quality, which we believe is relevant to its SD-WAN functionality.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Gartner assesses the Forcepoint UI as less mature and intuitive when compared to SD-WAN vendors, as it presents as a firewall rule set instead of a WAN edge or SD-WAN interface.</li>
<li>The vendor lacks support for several capabilities that are important including native T1/E1 legacy interfaces, full WAN optimization and asymmetric SaaS acceleration. Also, its management platform is not available as a cloud-managed service, although it can be deployed in AWS or Azure.</li>
<li>Forcepoint’s primary focus is security, and it has yet to demonstrate the ability to consistently win against network-centric and SD-WAN competitors. This may limit Forcepoint’s ability to deliver advanced WAN capabilities such as link remediation and WAN optimization to the market in a timely manner compared to more focused network competitors.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Fortinet</b></span><br />
<br />
Fortinet is a network and security player, headquartered in Sunnyvale, California, with roughly 15,000 WAN edge customers, ranging from small businesses to large enterprises. Its flagship WAN edge offering is the FortiGate SD-WAN firewall appliance (physical, virtual, cloud), which includes SD-WAN as a feature. It can be managed either on-premises (FortiManager) or from the cloud (FortiCloud), along with branch office WLAN and Ethernet switches through a single portal. Customers that deployed FortiGate products can incorporate SD-WAN capabilities through a software upgrade. Fortinet’s strength lies in its position in the branch security space, with a base of more than 300,000 firewall customers worldwide, and in its reputation of providing high-performance, cost-effective security. Fortinet should be shortlisted for all WAN edge opportunities globally, especially for organizations seeking a solution with strong security capabilities.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>The FortiGate product line is aggressively priced and includes key SD-WAN capabilities such as application visibility and steering with SSL inspection and high VPN scalability.</li>
<li>Fortinet has a global channel and strong partnership ties with multiple key managed security service providers (MSSPs) globally. This means there is a large pool of security personnel familiar with Fortinet products who can aid with implementation and operation.</li>
<li>The vendor’s vision and roadmap to deliver increasing levels of automation align with Gartner’s view of emerging customer needs on aspects such as automated updates of application and user-level policies.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Fortinet has limited experience supporting large and complex enterprise WAN deployments, and lacks several capabilities including packet duplication, and T1/E1 legacy interfaces.</li>
<li>FortiGate clients have indicated that major firmware upgrades come with substantial management UI changes, which can make administration difficult and involve somewhat of a learning curve.</li>
<li>Fortinet has minimal exposure as a networking vendor and this can limit its ability to deliver advanced WAN capabilities compared to more focused network competitors.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Huawei</b></span><br />
<br />
Huawei is a privately held company headquartered in Shenzhen, China, with more than 20,000 WAN edge customers. Huawei offers a broad array of infrastructure hardware and software, including for networking, servers and cloud. Its flagship WAN edge offering is the AR series router, which is available as a software instance, single-instance appliance, and as a vCPE platform. The vendor offers multiple WAN edge network functions including routing, SD-WAN, NGFW, and basic WAN optimization, and the requisite management provisioning, service chaining, and automation delivered by Huawei’s Agile Controller. Huawei is relevant to Gartner clients in nearly all verticals and geographies outside of North America. Huawei should be considered for WAN edge opportunities outside of North America, particularly where a vCPE platform is desired supporting multiple functions from a single supplier.<br />
<br />
<b><span style="font-size: x-large;">Strengths</span></b><br />
<br />
<ul style="text-align: left;">
<li>Huawei has a deep hardware portfolio, with a range of appliance options and supports a wide variety of interfaces, including legacy T1/E1 and embedded LTE.</li>
<li>Huawei offers multiple WAN edge functions, including routers, SD-WAN and NGFW, which can all run on its vCPE platform and chained via the Agile Controller. This can simplify WAN edge device sprawl, improve operational agility and provide cost efficiencies.</li>
<li>Huawei has a large installed base and has proven capability to support large WAN deployments, beyond 1,000 sites.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Gartner assesses Huawei as being very late to market with support for several WAN edge functions, including full WAN optimization, SD-WAN, and availability of public cloud software instances.</li>
<li>Huawei has limited brand visibility, experience, and installed base in North America and faces political headwinds, which limit its abilities to sell into this market.</li>
<li>Huawei’s SD-WAN functionality lacks several capabilities that competitors offer including broad SaaS acceleration and advanced WAN optimization.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Juniper Networks</b></span><br />
<br />
Juniper Networks is a large, publicly traded company based in Sunnyvale, California, with more than 20,000 primarily security-focused WAN edge customers. Juniper is a long-established networking and security vendor. Its flagship WAN edge solution is its Contrail SD-WAN, comprising its SRX Series Services Gateways (physical, virtual and cloud) and Contrail Service Orchestration. The vendor provides a full portfolio of WAN edge platforms including its NFX vCPE network function virtualization appliances, which can host WAN edge functions. Juniper’s strength lies in long-standing relationships with network service providers and its reputation for providing stable, high-performance products, particularly directly to large enterprises and service providers. Juniper is relevant to Gartner clients in nearly all verticals and geographies. Juniper should be considered for all security-led WAN edge opportunities globally, particularly those that will be consumed as a service.<br />
<br />
<b><span style="font-size: x-large;">Strengths</span></b><br />
<br />
<ul style="text-align: left;">
<li>Juniper has a broad set of WAN edge network capabilities, including a variety of form factors, interfaces and performance characteristics along with a feature-rich service orchestrator (Contrail Service Orchestration), which simplifies deployment and management.</li>
<li>Juniper has long-standing relationships with communications service providers, and a large and loyal installed base. This means there is a large pool of networking personnel familiar with Juniper’s products who can aid with implementation and operation.</li>
<li>Juniper has integrations with leading WAN optimization and secure web gateway providers, which enable it to deliver a best-of-breed offering.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Juniper is a late entrant into the rapidly transforming SD-WAN market and many of its target service providers have already aligned with several of Juniper’s competitors for SD-WAN. As a result, it may be difficult for customers to obtain Juniper-based managed services from their preferred service provider.</li>
<li>Gartner believes Juniper’s service provider NFV-centric strategy is challenging and could compromise its ability to maintain its investments in WAN edge offerings.</li>
<li>In addition to lacking core features like native WAN optimization and cloud management, Juniper’s offering is more expensive than a number of its competitors.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Nuage Networks</b></span><br />
<br />
Nuage Networks is based in Mountain View, California and is a division of publicly traded Nokia, based in Espoo, Finland. Nuage has approximately 400 WAN edge customers. Its flagship offering is its Virtualized Network Services (VNS), which comprises its Virtualized Services Directory (VSD), the Virtualized Services Controller (VSC), and the Network Services Gateway (NSG) CPE (physical, virtual and cloud). Nuage provides a broad portfolio of WAN edge capabilities including requisite provisioning, control, management and automation, which are integrated with its Virtualized Cloud Services (VCS) data center network overlay. Nuage’s strength lies in its long-standing relationships with communications service providers and its reputation for delivering software that operates at global scale. Nuage is relevant to Gartner clients that require extreme scalability or that prefer to consume WAN edge solutions as a managed service.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Nuage’s WAN edge and data center offering is based on a well-thought-out architecture that delivers an integrated end-to-end network with a common policy and automation framework.</li>
<li>Nuage has relationships with service providers in all geographies, making its offering available on a global basis.</li>
<li>The vendor’s vision and roadmap to deliver increasing levels of automation and uniform policy across multicloud environments align with Gartner’s view of emerging customer needs.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Nuage’s service-provider-centric route-to-market strategy does not match how a large portion of the market prefers to consume WAN edge infrastructure. This will limit buyers’ access to Nuage’s offering.</li>
<li>Nuage has a very small installed base of enterprise accounts. This means there is not a large pool of networking personnel familiar with its products who can aid with implementation and operation.</li>
<li>Nuage has very limited experience dealing directly with DIY midmarket buyers.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Peplink</b></span><br />
<br />
Peplink is a small, publicly held company based in Hong Kong, with more than 3,500 WAN edge customers. Peplink is listed on the Hong Kong stock exchange as Plover Bay Technologies. Peplink offers a broad array of WAN products optimized for applications where bandwidth is limited. Its flagship WAN edge offering is the SpeedFusion SD-WAN comprising the MAX Multi-Cellular Router (physical), FusionHub router (virtual and cloud) and its InControl 2 cloud management system. The vendor provides a broad portfolio of LTE plus wired WAN edge capabilities including link bonding and remediation, mobility, and fleet management. Peplink’s strength lies in strong wireless networking technical capabilities and its relationships with go-to-market partners that focus on Peplink’s targeted verticals. Peplink is relevant to Gartner clients in nearly all verticals and geographies that have demanding wireless requirements, are in bandwidth-constrained environments or that require mobile networking. Peplink should be considered for all wireless (LTE)-led WAN edge opportunities globally.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Peplink can support a large number of links in its platforms and can bond multiple links (wired and wireless) into a single logical link to deliver high-bandwidth connections where others cannot.</li>
<li>Peplink has a rich set of WAN management and troubleshooting capabilities, particularly relating to wireless issues.</li>
<li>Peplink has vertical-specific capabilities such as ruggedized platforms and applications for time and attendance tracking and fleet management.</li>
</ul>
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Peplink is a small company with limited sales channels, which can make it difficult for buyers to obtain its products from existing suppliers.</li>
<li>Peplink’s modest number of channel partners and its limited installed base mean there is a limited pool of networking personnel familiar with Peplink’s products.</li>
<li>Peplink’s long-term success depends upon significant rollout and adoption of advanced wireless networking for fixed location access. This may affect Peplink’s ability to continue to invest in its products.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Riverbed</b></span><br />
<br />
Riverbed is privately owned by Thoma Bravo and is based in San Francisco, California, with approximately 30,000 WAN edge customers and 1,000 SD-WAN customers. Riverbed’s flagship WAN edge offering is its SteelHead SD, which supports SD-WAN with WAN optimization in a single integrated appliance. Riverbed also offers the SteelConnect family of SD-WAN gateways, Ethernet switches and access points, which it positions for the midmarket and retail verticals. Riverbed devices are available as physical and virtual form factors and are centrally administered by SteelConnect Manager (cloud-based or on-premises). Riverbed does not offer vendor-hosted cloud gateways as a service, but virtual appliances are available on AWS and Azure cloud marketplaces and Riverbed supports Microsoft Azure Virtual WAN service. Riverbed is suitable for large and midsize organizations globally across verticals, particularly those who desire both SD-WAN and WAN optimization in an integrated device.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>The vendor has substantial experience with and understanding of large-scale WANs and enterprise applications, with more than 30,000 WAN optimization customers.</li>
<li>Riverbed provides an integrated appliance that includes in-depth WOC and SD-WAN.</li>
<li>Riverbed offers a simple, easy-to-use “one click” virtual cloud appliance deployment.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Based on deals Gartner has reviewed through mid-2017, Riverbed has been substantially more expensive than SD-WAN competitors. Riverbed reports that it has adopted more aggressive pricing starting in June 2018.</li>
<li>Riverbed lacks features that many buyers require including legacy T1/E1 interfaces, link remediation for loss-sensitive applications and SWG, and natively includes only basic stateful firewall capabilities.</li>
<li>Riverbed does not offer vendor-hosted cloud gateways as a service, but automated deployment of virtual appliances is available for AWS and Azure marketplaces, and Riverbed supports Microsoft Azure Virtual WAN service.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Silver Peak</b></span><br />
<br />
Silver Peak is a privately held company based in Santa Clara, California with approximately 3,000 WAN edge customers. Silver Peak’s flagship WAN edge product is Unity EdgeConnect SD-WAN appliances (physical, virtual, cloud), with optional Unity Boost WAN optimization and Unity Orchestrator (on-premises or cloud), which has more than 1,000 customers. Silver Peak has integration partnerships with popular security providers including Check Point Software Technologies, Fortinet, Palo Alto Networks and Zscaler. Silver Peak’s strength lies in its real-time internet path intelligence, path conditioning, link bonding and optional integrated WOC. Silver Peak should be shortlisted for WAN edge opportunities in North America, EMEA and Asia/Pacific, especially when WOC functionality and path conditioning are required.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Silver Peak’s WAN path conditioning, combined with Unity Boost WAN optimization, provides comprehensive support for internet links where performance is more variable when compared to traditional WAN circuits such as MPLS.</li>
<li>The vendor has demonstrated a strong market understanding by delivering SD-WAN products well ahead of other established WAN edge vendors. This has enabled it to build a good understanding of customer deployment needs.</li>
<li>EdgeConnect is available as a virtual appliance on AWS, Azure and Oracle Cloud, and has upcoming Google Cloud virtual appliance availability scheduled for August 2018.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>EdgeConnect lacks NGFW capability. Users who desire a next-generation firewall capability must acquire, deploy and manage it separately.</li>
<li>Silver Peak’s limited number of service provider partnerships inhibits its ability to reach buyers that prefer to consume WAN edge capabilities as a service.</li>
<li>Lack of cloud-resident gateways that are delivered as a service can make the solution less attractive from management, deployment and cost perspectives.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Talari</b></span><br />
<br />
Talari is a private WAN virtualization vendor with a strong focus on WAN path control, headquartered in San Jose, California, with more than 400 WAN edge customers. Its flagship WAN edge offering is the Failsafe SD-WAN comprising its T and E series physical appliances, V and C virtual and cloud appliances, and its Talari Aware management system (on-premises or cloud). Talari’s strength lies in its sophisticated link aggregation and remediation, which provide seamless failover for sensitive applications such as UCaaS/VoIP. Talari provides native WAN optimization, a basic stateful firewall, and an optional embedded NGFW on its E100/E1000 appliances that is delivered via a partnership with Palo Alto Networks. Talari should be shortlisted for WAN edge opportunities for global midmarket enterprises, especially when link remediation and sophisticated traffic steering are required.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Talari provides strong SD-WAN with good access aggregation capabilities, as well as strong quality of service (QoS) and path selection functionality for predictable application performance and WAN optimization.</li>
<li>Talari has experience supporting complex deployments such as 911 for emergencies, military and large international call centers.</li>
<li>Talari’s vision to support simplified resilient and unified SD-WAN capabilities align with emerging customer needs, particularly in the midmarket.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Talari has limited experience supporting deployments beyond 150 locations.</li>
<li>Talari lacks support for several capabilities that are important to many buyers such as support for legacy T1/E1 interfaces, asymmetric SaaS acceleration and public cloud resident gateways, which are delivered as a service,</li>
<li>Talari has limited channel, and very limited carrier/cloud, partnerships outside of the U.S. compared to other vendors included in this research, which may limit buyers’ procurement options. Talari is targeting 2018/2019 for international and channel expansion.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Teldat</b></span><br />
<br />
Teldat is an established, privately held communications company based in Madrid, Spain and Nuremberg, Germany with more than 700 WAN edge customers. Teldat offers a broad range of voice and data products including LAN, WAN, wireless LAN (WLAN) and voice, and its IntegraT division provides integration, maintenance and support services. Its flagship WAN edge offering is the Teldat-iM8, an SD-WAN edge gateway and the Colibri NetManager (CNM). The vendor provides routing, SD-WAN, basic firewall and SWG functionality on its WAN edge products. Teldat operates globally, but focuses primarily on EMEA and Latin America, and delivers products primarily through carriers and managed service providers. Teldat should be considered for routing and SD-WAN by customers in EMEA and Latin America, who prefer operating their WAN edge devices via managed network providers.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Teldat provides cost-effective solutions in this market, and can address customer branch challenges beyond just the WAN edge, including LAN and WLAN, from the same management console.</li>
<li>Teldat has a large installed base of customers using its traditional routers, and a proven ability to support large-scale WANs of more than 1,000 locations. We believe this will carry over to its SD-WAN offering.</li>
<li>Teldat offers a management console that is available as an over-the-top service, which many customers prefer to simplify operations.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Teldat has limited expertise with DIY enterprises as it is heavily focused on selling through carrier and MSP partnerships in Europe and Latin America.</li>
<li>Teldat’s SD-WAN product is relatively new, with limited customer adoption (less than 50 customers), and limited advanced features. The vendor has not yet shown it can consistently compete and win against focused SD-WAN competitors, which may limit its ability to grow in the market.</li>
<li>The vendor lacks several capabilities that other vendors offer, including: software instances within AWS/Azure marketplaces, high availability for SD-WAN devices, WAN optimization, first packet application recognition and asymmetric SaaS acceleration.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Versa</b></span><br />
<br />
Versa is a small, privately held company based in San Jose, California with more than 500 WAN edge customers. Versa focuses on branch and WAN functions including routing, security and SD-WAN. Its flagship WAN edge offering is Versa FlexVNF software, and the requisite management and orchestration. FlexVNF supports routing, SD-WAN and multiple security functions, as well as third-party virtual network functions (VNFs). FlexVNF can be delivered as a branded appliance, in AWS and Azure cloud marketplaces, and as a software appliance. Versa should be considered for SD-WAN opportunities in North America, particularly when SD-WAN and security functions are desired.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>Versa offers advanced feature depth/capability for both security and SD-WAN, with support for NGFW, mean opinion score (MOS)-based steering, SaaS acceleration, forward error correction, striping and packet duplication.</li>
<li>Clients choosing Versa often cite the integration of SD-WAN and NGFW/UTM via a single management interface as a strong differentiator versus competitors.</li>
<li>Several network service providers including CenturyLink, Colt Technology Services, Verizon, Tata Communications and others have general availability offerings based on Versa technology, which indicates product stability and scalability, and should help Versa to compete long term in the market.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>Versa has limited adoption in large-scale branch deployments (beyond 1,000 branches) and limited adoption outside of North America, although international expansion is ongoing.</li>
<li>Versa lacks several capabilities in this market including full WAN optimization and publicly available cloud gateways offered as a managed service; although, its service providers offer Versa gateways to their customers.</li>
<li>Versa has limited direct enterprise DIY experience as much of its initial efforts have gone to working with MSP partners as its preferred route to market. This may limit its ability to serve buyers that favor a DIY approach.</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>VMware</b></span><br />
<br />
VMware is a large, publicly traded company based in Palo Alto, California, and we estimate it has more than 3,000 WAN edge customers. In December 2017, VMware acquired VeloCloud. VMware’s flagship WAN edge offering is VMware NSX SD-WAN by VeloCloud, which includes edge appliances, orchestration and cloud-resident gateways. The vendor’s edge appliances are available as hardware or software, and are also available in the AWS and Azure marketplaces. VMware also offers cloud-resident gateways that are delivered as a service (NSX SD-WAN gateways). The NSX SD-WAN orchestrator is available on-premises, hosted or via an OTT offering. VMware provides a firewalling capability in addition to routing and SD-WAN functionality. VMware is relevant to Gartner clients in nearly all verticals and geographies, and should be considered for all SD-WAN opportunities globally.<br />
<br />
<span style="font-size: x-large;"><b>Strengths</b></span><br />
<br />
<ul style="text-align: left;">
<li>VMware’s dynamic optimization capability improves application performance across degraded links, including real-time applications such as voice, and even in single-link scenarios.</li>
<li>VMware has consistently demonstrated the ability to win against other SD-WAN competitors in highly competitive situations with technologically astute customers, and, consequently, supports production WANs of more than 1,000 sites.</li>
<li>The vendor’s vision and roadmap over the next 18 months to deliver intent-based networking for the WAN, end-to-end microsegmentation and integration with edge computing align with emerging customer needs.</li>
</ul>
<br />
<br />
<span style="font-size: x-large;"><b>Cautions</b></span><br />
<br />
<ul style="text-align: left;">
<li>The vendor lacks WAN optimization, NGFW and secure web gateways in its products, which are often desired by global companies and/or companies doing direct internet offload.</li>
<li>Compared to several competitors in this research, VMware has less experience in supporting complex WAN edge environments.</li>
<li>We expect VMware to aggressively sell NSX SD-WAN into its extensive global ESX installed base, which will likely spread existing VeloCloud sales/support resources thin, possibly impacting implementation quality.</li>
</ul>
<br />
<span style="font-size: x-large;"><b>Vendors Added and Dropped</b></span><br />
<br />
We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor’s appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.<br />
<br />
<b><span style="color: #3d85c6;">Added</span></b><br />
This is the initial WAN edge Magic Quadrant.<br />
<br />
<b><span style="color: #3d85c6;">Dropped</span></b><br />
This is the initial WAN edge Magic Quadrant.<br />
<br />
<span style="font-size: x-large;"><b>Inclusion and Exclusion Criteria</b></span><br />
<br />
To qualify for inclusion, vendors must show relevance to Gartner clients via the following:<br />
<br />
<br />
<ul style="text-align: left;">
<li>Provide hardware and/or software addressing the emerging enterprise WAN edge requirements outlined in the Market Definition/Description section. Alternatively, they can address this need by delivering a managed service that uses in-house-developed hardware/software to deliver the service.</li>
<li>Produce and release enterprise WAN edge networking products for general availability as of 1 June 2018. All components must be publicly available, shipping and included on the vendor’s published price list as of this date. Products shipping after this date, and any publicly available marketing information will only have an influence on the Completeness of Vision axis.</li>
<li>Provide commercial support and maintenance for their enterprise WAN edge products (24/365) to support deployments on multiple continents. This includes (but is not limited to) hardware/software support, access to software upgrades, and troubleshooting and technical assistance.</li>
<li>Show relevance to Gartner’s enterprise clients on a global basis by meeting both of the following criteria:</li>
<ul>
<li>One hundred fifty production WAN edge customers (under active support contracts) or 10 production customers with more than 500 branches deployed each. This excludes paid pilots and POCs.</li>
<li>Demonstrate either: (1) active sales and support for enterprise WAN edge on at least two continents with at least 25 current customers based on each continent (with active support contracts); or (2) 250 WAN edge customers (with active support contracts) with at least 150 customers on one continent and at least five customers on each of two additional continents.</li>
</ul>
</ul>
<br />
<br />
<b>Basic Product Capabilities</b><br />
<br />
Vendors must have generally available products that support all of the following capabilities. These capabilities must be supported natively on branch CPE:<br />
<br />
<ul style="text-align: left;">
<li>The ability to function as/replace the branch office router/CPE</li>
<li>For product companies, a multi-interface physical CPE appliance form factor with a list price of under $1,500</li>
<li>The ability to operate autonomously in the event of a loss of connection to the central management application or controller</li>
<li>Support for static routing and BGP for connections to the enterprise core</li>
<li>Support for the following WAN topologies — hub and spoke, partial mesh and full mesh — all with direct internet breakout at the branch</li>
<li>Centralized management for devices, including visibility, reporting and configuration changes, and software upgrades</li>
<li>Zero-touch configuration for branch devices</li>
<li>The ability to centrally manage and configure devices via a GUI</li>
<li>VPN (Advanced Encryption Standard [AES] 256-bit encryption)</li>
<li>Dynamic traffic steering based on business or application policy (not limited to only DiffServ Code Point [DSCP]/ports or IPs/circuits)</li>
<li>Support for traffic shaping and QoS</li>
<li>At least 100 well-known application profiles included, and the ability to create customized app templates</li>
<li>Support for customers to make granular device configuration changes rather than requiring the customer to contact the vendor to make the change</li>
</ul>
<br />
<br />
<b>Advanced Product Capabilities</b><br />
<br />
Vendors must have generally available products or services that support at least six of the following 16 capabilities:<br />
<br />
<ul style="text-align: left;">
<li>T1 or E1 physical interfaces</li>
<li>Embedded 3G/4G LTE modems</li>
<li>Physical and virtual form factors for branch CPE</li>
<li>Software-based appliance form factors certified for public IaaS providers such as AWS and Azure</li>
<li>Public cloud resident gateways that are delivered as a service</li>
<li>Dynamic path selection that accounts for WAN conditions at individual branches, including circuit uptime and latency, and generalized application performance.</li>
<li>Basic WAN optimization (minimum TCP optimization, compression, deduplication, HTTP[S] optimization)</li>
<li>Optimized private backbone, offered by the vendor as a managed service</li>
<li>UC optimization/remediation, which requires at least one of the following: forward error correction (FEC) or packet duplication across multiple circuits</li>
<li>Firewall or next-generation firewall</li>
<li>Secure web gateway</li>
<li>Additional security capabilities such as DNS-based protection</li>
<li>Support to install third-party VNF</li>
<li>Cloud-managed capabilities (management plane delivered as a cloud-resident service, offered as SaaS)</li>
<li>Asymmetric SaaS acceleration</li>
<li>Proven ability to do first packet identification of common SaaS applications for traffic steering</li>
</ul>
<br />
<b>Financial Performance:</b><br />
<br />
<ul style="text-align: left;">
<li>Vendors must show relevance to Gartner’s enterprise clients by meeting at least one of the following for 2017:</li>
<li>Total one-time annual recognized WAN edge product revenue of at least $10 million</li>
<li>Total one-time annual recognized WAN edge product revenue of at least $4 million, with a 2017 compound annual growth rate (CAGR) of more than 50%</li>
<li>Recognized recurring license revenue of at least $5 million</li>
<li>Recognized recurring license revenue of at least $2 million, with a 2017 CAGR of more than 50%</li>
</ul>
<br />
<b>Exclusion Criteria</b><br />
<br />
This Magic Quadrant will not focus on offerings that support extra-small-site deployment needs that are common in such retail markets as mall kiosks, convenience stores, gas stations and independent insurance agents. This use case will be covered in the companion Critical Capabilities research.<br />
<br />
In addition, we exclude NSPs offering managed network services that do not own their WAN edge technologies because they build their offerings with commercial vendor products as the underpinning technology. Further, most carrier services are not agnostic to transport.<br />
<br />
<b>Vendors of Note</b><br />
<br />
There are more than 60 vendors that compete in the WAN edge market; many with very specialized offerings. Vendors listed below, along with several others, did not meet the inclusion criteria but are notable for their offerings and may be of interest to readers of this research:<br />
<br />
<ul style="text-align: left;">
<li>128 Technology</li>
<li>Bigleaf Networks</li>
<li>Cybera</li>
<li>Ecessa</li>
<li>Aruba, a Hewlett Packard Enterprise company</li>
<li>Infovista</li>
<li>Lavelle Networks</li>
<li>Multapplied</li>
<li>ZeroOutages</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Evaluation Criteria</b></span><br />
<br />
<span style="font-size: large;"><b>Ability to Execute</b></span><br />
<br />
<b>Product/Service:</b> This criterion refers to core goods and services that compete in and/or serve the defined market. This includes current product and service capabilities, quality, feature sets, skills, etc. This can be offered natively by the vendor or alternatively through technology licensing, as long as the vendor provides additional technological capabilities beyond those provided by the OEM supplier.<br />
<br />
It evaluates vendors by looking at their overall WAN edge networking portfolios, including all hardware and software aspects of WAN edge networking. This includes physical and virtual CPE, controllers, gateways, and the relevant automation, management and orchestration of those components. We consider the breadth and depth of WAN edge functions that the vendor offers, as well as automation and integration within broader networking workflows and orchestration. Particular attention will be paid to management that is application-/business-outcome-focused, not infrastructure (TCP/IP, command line interface [CLI] and/or DSCP)-oriented. We consider product and architectural migration strategies, and the ability to address customers’ multicloud deployment requirements, QoS, traffic steering, scalability and resiliency. We focus on vendors’ flagship enterprise offering and/or the products they lead with for enterprise accounts.<br />
<br />
<b>Overall Viability:</b> Viability includes an assessment of the overall organization’s financial health; the financial and practical success of the business unit; and the likelihood that the individual business unit will continue to invest in and offer the product, and advance the state of the art within the organization’s portfolio of networking products. Geopolitical issues may also impact overall viability for some vendors in this market.<br />
<br />
<b>Sales Execution/Pricing:</b> The organization’s capabilities in all presales activities and the structure that supports them are evaluated. This includes deal management, pricing and negotiation, presales support and the overall effectiveness of the sales channel.<br />
<br />
This criterion evaluates presales and go-to-market activities of both the vendor and its channels, and includes analysis of how the vendor interacts with its customers and prospects. The second aspect of this criterion includes our evaluation of the cost-effectiveness of the solutions for purchase and support over their useful life, and the ability to recognize and position the most appropriate solution in specific sales situations.<br />
<br />
<b>Market Responsiveness and Track Record:</b> This refers to a vendor’s ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve, and market dynamics change. It includes how well the vendor’s offering matches buyer’s requirements at the time of purchase. We assess the vendor’s track record in delivering new capabilities when the market needs them. This criterion also considers the vendor’s history of responsiveness to changing market demands. This evaluation is not limited to products, it involves pricing/licensing as well.<br />
<br />
<b>Marketing Execution:</b> We evaluate the clarity, quality, creativity and efficacy of programs designed to deliver the organization’s message in order to influence the market, promote the brand, increase awareness of products and establish a positive identification in the minds of customers. This “mind share” can be driven by a combination of publicity, promotional, thought leadership, social media, referrals and sales activities.<br />
<br />
This criterion focuses on how the vendor is perceived in the market, and how well its marketing programs are recognized. For WAN edge infrastructure, the evaluation focuses on how well the vendor is able to influence and shape perception in the market through marketing activities. An additional indicator for this criterion is how often Gartner clients consider a vendor as a possible supplier in a shortlist evaluation.<br />
<br />
<b>Customer Experience:</b> Products and services and/or programs that enable customers to achieve anticipated results with the products that are evaluated. Specifically, this includes quality supplier/buyer interactions, technical support, or account support. This may also include ancillary tools, customer support programs, availability of user groups, service-level agreements, etc.<br />
<br />
This criterion looks at all aspects of the customer experience, with a heavier weighting on postsales service and support activities. This includes customers’ experiences with the vendor’s WAN edge products and services used in their production environments. It includes initial provisioning, as well as day-to-day operation and management of WANs. Hardware and software quality and how existing customers describe their experience with the vendors’ products are evaluated.<br />
<br />
<div style="text-align: center;">
<b><span style="color: #cc0000;">Table 1: Ability to Execute Evaluation Criteria</span></b></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3zSoN18xhxTQYQnUpMuq0__Rc95j7c6VB5EtGibeNt9BbdARh-8p6AsbdINRQAo-ELktp3abjN1yLypNf-Rk6YsBlJWKeEXmD5XH7p01yIpjoQn1hlsYRfcRZZ1fo1tln7RRCI6YEkc4/s1600/Screenshot_2019-08-09+Gartner+Reprint%25282%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="478" data-original-width="947" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3zSoN18xhxTQYQnUpMuq0__Rc95j7c6VB5EtGibeNt9BbdARh-8p6AsbdINRQAo-ELktp3abjN1yLypNf-Rk6YsBlJWKeEXmD5XH7p01yIpjoQn1hlsYRfcRZZ1fo1tln7RRCI6YEkc4/s1600/Screenshot_2019-08-09+Gartner+Reprint%25282%2529.png" /></a></div>
<br />
<b><span style="color: #3d85c6; font-size: x-large;">Completeness of Vision</span></b><br />
<br />
<b>Market Understanding:</b> This refers to the vendor’s ability to understand customer needs and translate them into products and services. It describes vendors that show a clear vision of their market — listen, understand customer demands, and can shape or enhance market changes with their added vision.<br />
<br />
This criterion assesses the vendor’s ability to look into the future and drive new ideas into product roadmaps and offerings. This includes the vendor’s understanding of core WAN edge buyers as described in the Market Definition/Description section. In this market, we look at the vendor’s ability to address the challenges associated with distributed branch office locations. This may include, but isn’t limited to, simplified central management; large-scale deployments; latency/bandwidth challenges; automation; multicloud networking; changing application deployment scenarios including on-premises, IaaS/PaaS, and SaaS; architectures; openness; choice; and investment protection.<br />
<br />
<b>Marketing Strategy:</b> This criterion considers clear, differentiated messaging consistently communicated internally, externalized through social media, advertising, customer programs, and positioning statements.<br />
<br />
It evaluates the ability of the vendor to influence the market through its messaging and marketing campaigns. Further, this includes the extent to which the vendor articulates a differentiated message and communicates it consistently. We look for consistent communication throughout the organization and through its website, advertising, customer programs and positioning statements, as well as statements of direction and product roadmaps.<br />
<br />
<b>Sales Strategy: </b>This refers to a sound strategy for selling that uses the appropriate networks including: direct and indirect sales, marketing, service, and communication. The vendor should have partners that extend the scope and depth of market reach, expertise, technologies, services and its customer base.<br />
<br />
This criterion evaluates the vendor’s use of direct and indirect sales to extend the scope and depth of its market reach. This includes development of effective go-to-market strategies; alliances and partnerships leveraging value-added resellers (VARs), system integrators (SIs), master agents, NSPs, MSPs and OEM resellers as appropriate. In addition, this includes how the vendor exploits new business models that are emerging due to market and technology transitions.<br />
<br />
<b>Offering (Product) Strategy:</b> This criterion refers to an approach to product development and delivery that emphasizes market differentiation, functionality, and features as they map to current and future requirements.<br />
<br />
It evaluates how the vendor plans and invests in R&D to continue to innovate in the key market transitions identified in the Market Definition/Description and Extended Market Definition sections. This includes product roadmaps around existing and future WAN edge functions. This also includes not only the raw functions, but also the vendor’s overall architecture across the portfolio.<br />
<br />
<b>Business Model:</b> The design, logic and execution of the organization’s business proposition to achieve continued success are evaluated. This criterion assesses the soundness and logic of a technology provider’s underlying business proposition.<br />
<br />
<b>Vertical/Industry Strategy:</b> This refers to the vendor’s strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.<br />
<br />
It measures the vendor’s ability to address the unique requirements of particular verticals/industries and to employ the associated sales channels to build a sustainable business advantage.<br />
<br />
<b>Innovation:</b> We evaluate a vendor’s direct, related, complementary, and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.<br />
<br />
This criterion measures the vendor’s ability to address emerging WAN edge requirements and/or to increase value to enterprise customers. We look at how the vendor invests in new technologies to move its business and the market forward, with a focus on technologies that are differentiated, unique and offer high value to the enterprise buyer. Specific examples include (but aren’t limited to) application centricity, intent-driven networking, improved management and automation, and even nonproduct innovations like consumption-based pricing and hybrid offerings that bundle product and managed services. A key attribute in the WAN edge market is vendor innovation in technology areas that best meet emerging enterprise market requirements around simplified management of hybrid WAN architectures, including increasing levels of automation. Innovation is not a checkbox of current and proposed product features. Innovation is not limited to product, it can cover multiple aspects of the vendor’s strategy.<br />
<br />
<div style="text-align: center;">
<span style="color: #cc0000;"><b>Table 2: Completeness of Vision Evaluation Criteria</b></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9nqNdVi66KQB1h7JbC0ITfSqLsWiiozhJjszo7akLLApsSDny81OC8sRa6x3wIAYPWy03hB-2LLO_M4JpHXo8fsS58tHSTOtVxkvUHCg1d7QPKM40FT3t7wjNzW41m9PQ9wSdHeybq0s/s1600/Screenshot_2019-08-09+Gartner+Reprint%25283%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="529" data-original-width="954" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9nqNdVi66KQB1h7JbC0ITfSqLsWiiozhJjszo7akLLApsSDny81OC8sRa6x3wIAYPWy03hB-2LLO_M4JpHXo8fsS58tHSTOtVxkvUHCg1d7QPKM40FT3t7wjNzW41m9PQ9wSdHeybq0s/s1600/Screenshot_2019-08-09+Gartner+Reprint%25283%2529.png" /></a></div>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Quadrant Descriptions</b></span><br />
<br />
<span style="font-size: large;"><b>Leaders</b></span><br />
<br />
A Leader has demonstrated a sustained ability to address changing requirements for enterprise WAN edge. A Leader also can drive, shape, and transform the market, and maintain strong relationships with its channels and customers.<br />
<br />
<b><span style="font-size: large;">Challengers</span></b><br />
<br />
A Challenger has demonstrated sustained execution in the marketplace, and has clear, long-term viability in the market. However, a Challenger has not shown the ability to drive, shape and transform the market.<br />
<br />
<b><span style="font-size: large;">Visionaries</span></b><br />
<br />
A Visionary has innovated in some key areas of WAN edge, such as path selection, link remediation, automation, operational efficiency and cost reductions. Visionaries often help to transform the market, from driving new ideas, including new business models, to solving enterprise challenges.<br />
<br />
<b><span style="font-size: large;">Niche Players</span></b><br />
<br />
A Niche Player has a complete or near-complete product offering, but has limitations such as geographic reach or vertical market focus. A Niche Player has a viable product offering but has not shown the ability to transform the market or maintain sustained execution.<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Context</b></span><br />
<br />
<span style="font-size: large;"><b>Market Forecast</b></span><br />
<br />
The WAN edge market (comprising SD-WAN plus traditional branch routers) is forecast to generate a CAGR of −3% in end-user spending from 2017 through 2022. However, this is the result of the robust growth of SD-WAN (37% CAGR) and the decline of traditional branch office routers (-21% CAGR). The decline is due to the lower average selling price of SD-WAN hardware and software.<br />
<br />
During this same period, the dedicated WAN optimization market will experience a −24% CAGR, while the firewall market is forecast to grow by an 8% CAGR.<br />
<br />
During this period, Gartner expects that functional consolidation of WAN edge functions into a new class of device may cause further declines in the number of devices shipped and the total market size. This bodes well for buyers, as multifunction devices typically sell for less than several dedicated devices.<br />
<br />
The increase in WAN speeds from 1.5/2.0 Mbps legacy interfaces and 10 Mbps Ethernet interfaces to link speeds and throughputs of 1 Gbps and beyond will drive up the prices of WAN edge equipment, although at a slower rate than the increase in link speeds.<br />
<br />
<span style="font-size: large;"><b>Popular and Emerging Topics</b></span><br />
<br />
<b>Internet Substitution for MPLS Connections</b><br />
<br />
Many Gartner clients hope to fund their WAN expansion/update by replacing or augmenting expensive MPLS connections with internet-based VPNs, often from alternate providers. However, suitability of internet connections varies widely by geography, and service providers mixing connections from multiple providers increases complexity. SD-WAN has dramatically simplified this approach for the following reasons:<br />
<br />
<br />
<ul style="text-align: left;">
<li>Due to the simpler operational environment and the ability to use multiple circuits from multiple carriers, enterprises can abstract the transport layer from the logical layer and be less dependent on their service providers.</li>
<li>This decoupling of layers is enabling new MSPs to emerge to take advantage of the above for customers that still want to outsource their WANs.</li>
<li>Traditional service providers are responding with NFV-based offerings that combine and orchestrate services (SD-WAN, security, WAN optimization) from multiple popular vendors.</li>
</ul>
<br />
<b>Automation and Agility</b><br />
<br />
Currently, many WAN changes are manual and CLI-driven (more than 70% for many enterprises). Thus, in many inquiries regarding WAN, Gartner clients mention a desire to improve automation and agility. In some instances, the focus is on dedicated SD-WAN tools; but occasionally this desire is driving investment in no-traditional tooling such as Ansible or intent-based networking. Gartner clients report operation savings of 90% when comparing the better WAN edge solutions with traditional router-based deployments (administration time of five minutes per months versus one hour per month).<br />
<br />
<b>Routing From Nontraditional Suppliers</b><br />
<br />
Enterprise routing has been the purview of a few trusted suppliers. The emergence of SD-WAN has demonstrated that routing has been democratized and that many vendors are as good, or perhaps even better, at branch office routing than the incumbents. As a result, trusted suppliers from adjacent markets, typically security and WAN optimization, are now aggressively competing for this business. Client inquiry often covers the suitability of these supplier solutions and the possible saving of as much as 50% when refreshing routing.<br />
<br />
<b>Feature Breadth Versus Feature Depth</b><br />
<br />
There are two approaches to selecting WAN edge equipment. Some Gartner clients prefer feature depth and they often prefer dedicated devices per function in the belief that they can achieve a more robust solution via best-of-breed products. Others prefer the simplicity of a single device and management console in the belief that the consolidated function device is more than good enough, especially since it can be easier to correctly configure the entire technology stack via one interface.<br />
<br />
<span style="font-size: x-large;"><b>Market Overview</b></span><br />
<br />
Gartner’s view of the market is focused on transformational technologies or approaches delivering on the future needs of end users. It is not exclusively focused on the market as it is today.<br />
<br />
This dynamic market with emerging client needs has created a deeply fragmented vendor landscape, with both large established vendors and smaller providers from multiple segments competing for deals. Differentiation can be feature-based (e.g., T1/E1 support, embedded NGFW), business-model-based (pure subscription, WAN as a service using proprietary technologies) got-to-market (direct, master agents, product-focused VARs or system integrators as MSPs). Some vendors focus on feature depth, while others choose an “all in one offering” approach. Scale of deployment and the ability to support complex environments remain differentiators at the high end of the market, where some customers require deployments of several thousand branches.<br />
<br />
<span style="color: #3d85c6; font-size: large;"><b>Market Drivers</b></span><br />
<br />
The WAN edge market is primarily driven by five factors:<br />
<br />
<ol style="text-align: left;">
<li>Refresh of existing branch office networking equipment that is at its technological or support limits (see “Know When It’s Time to Replace Enterprise Network Equipment”)</li>
<li>Renewal of NSP or managed service contracts, where a new service provider also means new equipment</li>
<li>The changing traffic patterns resulting from the increasing use of cloud resources, which renders the traditional hub-and-spoke WAN architecture obsolete</li>
<li>The expansion of capacity (i.e., physical build-outs) within existing locations</li>
<li>The desire to increase agility and automation in order to address the needs of digital business transformation and to lower operational expenses (and maybe the growing realization that WAN operations do not need to be the burdensome operational burden of the past)</li>
</ol>
<br />
Moving forward, Gartner views SD-WAN and vCPE as key technologies to help enterprises transform their networks from fragile to agile. We believe that emerging SD-WAN solutions and vCPE platforms will best address enterprise requirements for the next five years, as they provide the best mix of performance, price and flexibility compared to alternative hardware-centric approaches. Specifically, we predict that by 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on vCPE or SD-WAN appliances versus traditional routers (up from less than 40% today).<br />
<br />
<span style="color: #3d85c6; font-size: large;"><b>Vendor Landscape Changes</b></span><br />
<br />
Just a few years ago the WAN edge market was dominated by a few suppliers with long histories of providing routing. Security and WAN optimization was often provided by dedicated appliances, and even when device consolidation was available, cost savings were small.<br />
<br />
With the acceptance of SD-WAN and the demonstration that routing was no longer a magic solution that would be practiced by a very few, companies that often practiced coexistence are now aggressively competing.<br />
<blockquote class="tr_bq">
This Magic Quadrant covers more than 10 well-known incumbent vendors, as well as a number of smaller suppliers. In total, the WAN edge market has more than 60 suppliers. Unlike most markets, we don’t expect this market to significantly consolidate to three or four suppliers over the next 24 to 36 months. It is likely that more than 10 mainstream suppliers will remain for at least that long.</blockquote>
WAN refresh opportunities often now involve three trusted existing suppliers and one or two new providers. In many cases, vendors from adjacent markets are competing by bundling multiple functions (e.g., UTM plus routing) in a single offering that is priced only slightly higher than a single-function offering.<br />
<br />
<span style="color: #3d85c6; font-size: large;"><b>Market Recommendations</b></span><br />
<br />
I&O leaders responsible for building and operating wide-area networks should:<br />
<br />
<ul style="text-align: left;">
<li>Evaluate at least two providers in addition to your incumbent WAN edge provider for any significant WAN expansion or router refresh.</li>
<li>Evaluate the total cost of ownership (TCO) for any SD-WAN deployment. Savings may fund an early refresh, but a detailed end-to-end, life cycle analysis is required (see “Fact or Fiction: Does SD-WAN Really Save You Money?”). Many new WAN edge solutions have very different business models, with a strong shift from upfront capital expenditure (capex) to annual license subscriptions, which may dramatically increase your TCO. Quotes should include all platform, license and support costs for three to four years in order to perform a proper evaluation.</li>
<li>Evaluate WAN as a service for your next refresh, even if you have traditionally pursued a DIY approach (see “DIY vs. MNS: Enterprises Must Reassess Their Network Sourcing Model to Prepare for SD-WAN”).</li>
<li>Invest heavily in automation, including both time and resources, to create a “relentless automation” or “automation by default” mindset (see “Market Guide for Network Automation”).</li>
<li>Favor WAN edge vendors that can facilitate automation. As a key part of vendor evaluation, include an evaluation of the operational model of any new WAN edge solution to determine potential savings and differentiation between competing vendors.</li>
<li>Change your networking teams’ culture to one that manages risks appropriately, rather than one that avoids them at all costs (see “Bring Web-Scale Networking Concepts to Your Data Center”).</li>
</ul>
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Extended Market Definition</b></span><br />
<br />
<b><span style="font-size: large;">Characteristics of the Market</span></b><br />
<br />
<b>Typical business outcomes —</b> The fundamental business outcome is connectivity between enterprise users, applications and services that reside in distributed locations. Locations include (but aren’t limited to) headquarters, branches, corporate data centers, colocation/hosting facilities and cloud providers. Increasingly, buyers require improved agility, automation, flexibility, and application visibility and control, while significantly reducing operational complexity and time to manage the WAN environment.<br />
<br />
<b>Market —</b> WAN edge infrastructure provides network functions that support connectivity for distributed locations (typically branches). This market includes functionality that Gartner defines as routers, secure routers, firewalls, WOCs, WAN path controllers and SD-WAN.<br />
<br />
<b>Typical buyers —</b> Within the enterprise, CIOs, CTOs, the vice president of I&O, the director of networking, and network and telecom managers are typically the buyers of WAN edge infrastructure. Branch managers as well as enterprise architects can be strong influencers in larger enterprises; so can customers.<br />
<br />
<b>How buyers shape their buying decisions —</b> When selecting WAN edge infrastructure, buyers typically focus on several factors including feature/functionality, price, performance, form factor, deployment options, ease of management, visibility/analytics, customer support/experience, overall product architecture, vendor incumbency and familiarity. Current decisions are strongly influenced by changing traffic patterns impacting the enterprise WAN.<br />
<br />
<b>Deliverables —</b> The primary deliverables include network functions that enable connectivity for users at branches. Typical network functions include edge routing, secure routing and VPN, WAN optimization, WAN path control, and SD-WAN. These functions can be delivered to the enterprise as dedicated hardware appliances (such as a router, WOC, gateway, SD-WAN edge-device) or as a software instance of these functions (a VNF). The appliance may reside at the customer premises, in provider POPs or as a network-based/cloud service.<br />
<br />
<b>How providers package, market and deliver —</b> Buyers typically source their WAN edge products either directly from network equipment suppliers, or via a network or managed service provider (that is, as a managed service). WAN edge infrastructure can be procured via purchase, lease, subscription or consumption-based pricing models. Further, there is a diverse set of deployment options for these networking functions, including via hardware appliances, software (VNF) or cloud-based services.<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Characteristics of WAN Edge Solutions</b></span><br />
<br />
WAN edge solutions are characterized by the following elements:<br />
<br />
<br />
<ul style="text-align: left;">
<li>Physical interfaces: This refers to physical interfaces to plug into the service providers’ circuits. Ethernet is rapidly becoming the default connection and link speeds are increasing to multigigabit speeds.</li>
<li>Physical topology: Traditional hub-and-spoke WAN architectures are no longer suitable for most enterprises. Enterprises are altering their WAN architectures in support of new digital business initiatives and adoption of public cloud services. Digital business is a key priority for CEOs, with 42% saying that “digital first” or “digital to the core” is now their companies’ digital business posture. (See “2017 CEO Survey: CIOs Must Scale Up Digital Business” and “Digital Business Initiatives Will Require a Hub-Based WAN Edge for Sufficient Agility.”) The rationale behind this is that migration of applications to the public cloud can lead to distinct challenges, including:</li>
<ul>
<li>Network performance problems as traffic is backhauled, which typically increases latency.</li>
<li>WAN expenses increase due to backhauled internet traffic.</li>
</ul>
</ul>
<br />
Thus, we estimate that more than 50% of Gartner clients will deploy hybrid WANs within two years. However, this complicates the overall operation and management of branch office WAN equipment, as traditional WAN edge functions are difficult to manage at scale in a hybrid architecture.<br />
<br />
<span style="font-size: large;"><b>NFV/vCPE Platforms</b></span><br />
<br />
Virtualized customer premises equipment refers to the use of industry-standard, typically x86-based devices for enterprise network edge functions, rather than using function-specific appliances. These devices can include WAN edge routers, WOCs and firewalls. vCPE is one delivery method for an NFV deployment (see “Network Function Virtualization Will Enable Greater Managed WAN Agility and Flexibility”). vCPE will increase the agility of enterprise networks, enabling them to respond to changing needs more rapidly. It should reduce the costs of adding additional functions at the WAN edge, reduce the effort and risk of deploying new functions, and allow the enterprise to consider smaller, specialist vendors.<br />
<br />
Today, vCPE is primarily a carrier-driven technology, but as carrier offerings become mainstream, enterprises will be involved in the decision-making process regarding which network functions are run on the NFV/vCPE platform. Further, organizations that rely on carrier services will likely be consuming services that are underpinned by vCPE.<br />
<br />
<span style="font-size: large;"><b>Routing and WAN Optimization</b></span><br />
<br />
While SD-WAN and vCPE represent areas of high growth at the WAN edge, dedicated routers and WAN optimization controllers are still widely deployed in the enterprise. In fact, some SD-WAN deployments today haven’t actually replaced traditional routers; they’ve supplemented them for a variety of reasons, including risk aversion and lack of support for legacy T1/E1 interfaces and analog voice interfaces. However, moving forward, these dedicated hardware devices are evolving from stand-alone markets to features in emerging SD-WAN products and within vCPE platforms.<br />
<br />
<b>Deployment Options</b><br />
<br />
After many years of limited options, there are now several deployment methods available for the enterprise to consume network functions:<br />
<br />
<br />
<ul style="text-align: left;">
<li>Dedicated hardware appliance — This is the traditional style of deployment, in which a single network function is delivered as a turnkey integrated hardware appliance. This is still very common today, as many enterprises have dedicated physical routers, UTM and WAN optimization hardware appliances. Cisco 800 Series routers, and Riverbed SteelHead and Juniper NGFW physical appliances are common examples.</li>
<li>Multifunctional integrated platform — This is a platform that combines proprietary hardware and software to deliver multiple functions, such as WAN optimization and routing, and may extend beyond just WAN functions to include voice, security or x86 compute capacity. Fortinet FortiGate appliances and Cradlepoint’s AER branch office routers are examples.</li>
<li>Virtualized network function — This is a software-based instance of a network function that can be delivered on an x86-based computing platform. Nearly all routing, WAN optimization and SD-WAN vendors deliver a VNF version of their software.</li>
<li>Virtualized CPE platform — vCPE is a multifunctional platform to support an NFV architecture, designed around industry standards to run multiple virtual functions, with possibly different vendors’ functions in the same device. The platform allows multiple VNFs to be installed, and typically makes use of industry-standard x86 devices, rather than function-specific appliances. Juniper Networks’ NFX is an example of a hardware vCPE platform.</li>
<li>Cloud-based OTT — Network function is delivered via a cloud platform, and the enterprise subscribes to the functionality. Examples include Aryaka and Cato, which provide WAN optimization as a service.</li>
</ul>
<br />
<br />
<b>Consumption Models for WAN Edge Infrastructure</b><br />
<br />
Enterprises consume WAN edge infrastructure functionality in multiple ways, including:<br />
<br />
<ul style="text-align: left;">
<li><b>DIY —</b> Enterprise owns and manages WAN edge functionality itself.</li>
<li><b>NSP —</b> Network service provider manages edge, usually as an extension to WAN transport.</li>
<li><b>Managed network service (MNS) —</b> Managed network service providers include system integrators and MSPs, which in some cases allow organizations to bring your own access (BYOA).</li>
<li><b>Hybrid —</b> This is a combination of at least two of the above.</li>
</ul>
<br />
On a global basis, most WAN edge infrastructure is provided as a managed service, either via a service provider or SI. Conversely, in North America, the predominant way of managing WAN edge infrastructure for a large enterprise is DIY.<br />
<br />
In this research, we focus primarily on WAN edge functionality that can address multiple consumption models. Further, WAN edge infrastructure must be agnostic to the underlying transport model.<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Evidence</b></span><br />
<br />
Gartner analysts conducted more than 2,500 Gartner client inquiries on the topic of wide-area networking between 1 July 2017 and 30 June 2018.<br />
<br />
Market size forecast sources are from “Forecast: Enterprise Network Equipment by Market Segment, Worldwide, 2015-2022, 3Q18 Update.”<br />
<br />
All vendors in this research responded to an extensive questionnaire regarding their current/future data center networking solutions.<br />
<br />
We surveyed reference customers provided by vendors in this research. All vendors in this research provided reference customers, although not all reference customers completed the survey (n = 88).<br />
<br />
Analysts reviewed Gartner Peer Insights data for this market.<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Evaluation Criteria Definitions</b></span><br />
<br />
<b><span style="font-size: large;">Ability to Execute</span></b><br />
<br />
<b>Product/Service:</b> Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.<br />
<br />
<b>Overall Viability:</b> Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products.<br />
<br />
<b>Sales Execution/Pricing:</b> The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.<br />
<br />
<b>Market Responsiveness/Record:</b> Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness.<br />
<br />
<b>Marketing Execution:</b> The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.<br />
<br />
<b>Customer Experience:</b> Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.<br />
<br />
<b>Operations:</b> The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.<br />
<br />
<span style="color: #3d85c6; font-size: x-large;"><b>Completeness of Vision</b></span><br />
<br />
<b>Market Understanding:</b> Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision.<br />
<br />
<b>Marketing Strategy: </b>A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.<br />
<br />
<b>Sales Strategy:</b> The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.<br />
<br />
<b>Offering (Product) Strategy:</b> The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.<br />
<br />
<b>Business Model: </b>The soundness and logic of the vendor's underlying business proposition.<br />
<br />
<b>Vertical/Industry Strategy:</b> The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.<br />
<br />
<b>Innovation:</b> Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.<br />
<br />
<b>Geographic Strategy: </b>The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.<br />
<br />
<br />
<br />
---</div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-18068399398379347552018-03-02T17:18:00.000+08:002018-03-02T17:18:33.512+08:00Script to retrieve Google Network ip block<div dir="ltr" style="text-align: left;" trbidi="on">
This is the script to retrieve the Google Network IP block.<br />
<br />
This is useful if you need to only trust google incoming ip. I use this script to update the ip list daily. So that my nginx only allow traffic from google.<br />
<br />
#>cat UpdateGoogleNetworkBlock.sh<br />
<br />
blocks=`dig -t txt _netblocks.google.com |grep -oP '[^_]*v=spf1 \K.*' |sed -e "s/ ~all\"//" `<br />
<br />
IFS=' ' read -a block_array <<< "$blocks"<br />
echo "" > /etc/nginx/conf.d/Google_Network<br />
for i in "${block_array[@]}"<br />
do<br />
<span style="white-space: pre;"> </span>echo "allow ${i//ip4:};" >> /etc/nginx/conf.d/Google_Network<br />
done<br />
service nginx restart<br />
<div>
<br /></div>
</div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-60557774637845268172016-12-18T00:00:00.000+08:002016-12-18T00:00:03.030+08:00Zeroshell 3.6.0<div dir="ltr" style="text-align: left;" trbidi="on">
I've been using Zeroshell for more than 10 years and it is reliable and easy to use.<br />
<br />
The firewall with the following features:<br />
<br />
<ul style="text-align: left;">
<li>Load balancing and fail over of multiple ISP</li>
<li>Support 3G modem</li>
<li>Radius server for authentication</li>
<li>Captive Portal not limited to wireless network, now wired network also can have captive portal.</li>
<li>VPN</li>
<li>and more....</li>
</ul>
<div>
And it can run from Live CD or USB drive, can you imaging how small foot print it is?</div>
<div>
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3-TRfHTXdZWrnzfIQCu7lzcwnh-d3Qjpl1jKDJW28VZgmdOL7-L9hSp64GkXnk72j3wAwP6A9WrFKKpU70oyuhtEwrmFY3c7zSrQeDRtwr_suK27O8o9pTj3d_M4W35qjErjL5SrxTw0/s1600/screenshot2.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="420" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3-TRfHTXdZWrnzfIQCu7lzcwnh-d3Qjpl1jKDJW28VZgmdOL7-L9hSp64GkXnk72j3wAwP6A9WrFKKpU70oyuhtEwrmFY3c7zSrQeDRtwr_suK27O8o9pTj3d_M4W35qjErjL5SrxTw0/s640/screenshot2.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Web base administartion </td></tr>
</tbody></table>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" height="336" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhMpYPUJalRhyphenhyphen54g7VtNucqmO42daFuf6mmlycv3YURLkL9ukKcrEEiaFppbIlc5l-fEJLXPt83IsPaTaya6ERPQATEq7_uKwDADdhO_VOQiM8mqOJyuYtI7q38MlpE2HwEs7CbPXzZdw/s640/screenshot3.png" style="margin-left: auto; margin-right: auto;" width="640" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Maximum load only 15%</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhMpYPUJalRhyphenhyphen54g7VtNucqmO42daFuf6mmlycv3YURLkL9ukKcrEEiaFppbIlc5l-fEJLXPt83IsPaTaya6ERPQATEq7_uKwDADdhO_VOQiM8mqOJyuYtI7q38MlpE2HwEs7CbPXzZdw/s1600/screenshot3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div>
<br /><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhjiDzhqhLDleqpzULWjZ9OlguEC2aVjMhmMndVnOJ4bRg5zLURAe6wMJpJoZBKHcebbPhC9_BQshrLrMSdmfNmKyQ2eNWBC3QrK7-TQ_huuygILn1U0FyQIwYNnphSmTI4z2f55z5LgA/s1600/screenshot4.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="336" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhjiDzhqhLDleqpzULWjZ9OlguEC2aVjMhmMndVnOJ4bRg5zLURAe6wMJpJoZBKHcebbPhC9_BQshrLrMSdmfNmKyQ2eNWBC3QrK7-TQ_huuygILn1U0FyQIwYNnphSmTI4z2f55z5LgA/s640/screenshot4.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Maximum memory usage is about 1G+ </td></tr>
</tbody></table>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" height="418" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1NDFMR60wTtdtu1RyIcyeSIjIgRVqNghN-iVwDTqI_ZIq-jVrwb4ABMAsUrdtW7KQuulg0K2976dJSu6oSR_8fwjYkE1Woy8KLn9wXT5gFR85ia6a6tjN3zOOAPapLjQJAIA65dO3uIQ/s640/screenshot5.png" style="margin-left: auto; margin-right: auto;" width="640" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Zeroshell also able to tell you who is the heavy user</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1NDFMR60wTtdtu1RyIcyeSIjIgRVqNghN-iVwDTqI_ZIq-jVrwb4ABMAsUrdtW7KQuulg0K2976dJSu6oSR_8fwjYkE1Woy8KLn9wXT5gFR85ia6a6tjN3zOOAPapLjQJAIA65dO3uIQ/s1600/screenshot5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a></div>
<br /><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqomcwAOk3ux_mLFCMI8Cx1gMQZACrJeQ7TYf6EYk4qEhZaI7gZXkq7kEi6JFzAz0kVaD4cbRZiD0-DMpTWtUwcanjnRZLf17bV_JKpmIERQzzLblgRSoiqSwfiymPWZSbryWgNBB8XHU/s1600/screenshot.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="422" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqomcwAOk3ux_mLFCMI8Cx1gMQZACrJeQ7TYf6EYk4qEhZaI7gZXkq7kEi6JFzAz0kVaD4cbRZiD0-DMpTWtUwcanjnRZLf17bV_JKpmIERQzzLblgRSoiqSwfiymPWZSbryWgNBB8XHU/s640/screenshot.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">It come with package manager, so that you can upgrade and update it easily.</td></tr>
</tbody></table>
<div>
<br />Can wait to have your own Zeroshell firewall?</div>
<div>
<br /></div>
<div>
Feel free to visit <a href="http://www.zeroshell.org/">http://www.zeroshell.org/</a> to download the ISO image and also their installation guide.</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
---</div>
</div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-22432533360613506702016-09-30T22:07:00.000+08:002016-09-30T22:07:47.845+08:00Microsoft Azure Backup encountered and internal error. (ID: 130001)<div dir="ltr" style="text-align: left;" trbidi="on">
When you try to install Microsoft Azure Recovery Services Agent and try to register Server. If you received the following error:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVOrIG_2Sdle8JvSInu4eq6MiVDkDx2LibjUkrCS6Jtc0blQQ2cGjRNApAVPUE1V_GUI2MoEAgHYEU2eRDTH9zRccPRVyUDRqizXz33oFUtl-QyefuvnNEpGeVP5VyBki42hF5sqmsbnA/s1600/AzureRecoveryServiceAgent.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVOrIG_2Sdle8JvSInu4eq6MiVDkDx2LibjUkrCS6Jtc0blQQ2cGjRNApAVPUE1V_GUI2MoEAgHYEU2eRDTH9zRccPRVyUDRqizXz33oFUtl-QyefuvnNEpGeVP5VyBki42hF5sqmsbnA/s640/AzureRecoveryServiceAgent.png" width="640" /></a></div>
Microsoft Azure Backup encountered an internal error:(ID:13001)<br />
<br />
Wait for a few minutes and then try the operation again, If the issue persists, please contact Microsoft Support.<br />
<br />
One of the possible root cause you store the Vault Credentials file at the network drive.<br />
<br />
Solution: Copy or move the Vault Credentials file to the local drive then try to register the server again.<br />
<br />
Hope this will be able to help you.<br />
<br />
<br />
<br />
---</div>
墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-88357522469066188232015-12-30T14:15:00.001+08:002015-12-30T14:16:14.495+08:00Random numberFor any reason, if you need to generate a alphanumeric password, the VBA code below will be able to help you. <br />
<br />
1. Press Alt+F11 to bring up the Visual Basic Editor.<br />
2. Right click the book object and select Insert > Module.<br />
<br />
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAcIAAAD8CAIAAABrfTN7AAAAA3NCSVQICAjb4U/gAAAgAElEQVR4Xu19DZAlV3Vej7Sg5S/zjA0SeMU8sInXoHjHRgULEcyTirhkDNlRWSlwgNohYAmCg3YNKf5qszOlEKFKybsLjsJPubRbmLJUUaKRf0AVZDNTgmIXZDyyBKWkJPEWFmlLKPiNooKRIu3k9DszZ8/ce7vf7e7b73X3+1pbrdvnnr/7dc/3zr3dr99Er9eLsAGBQQgsLi6eOHHisssuG6SIfiAwdghsoz+PsRs0BpyKwN69e1dXV1NV0AkEgMBZBLZRiQE8gIAg8IlPfAJoAAEgkAmBbTfeeGMmg0zKExMTpL++vq6t/u7qiYu/EN19VYR9WARe8/ktOGc6U6J86tSpfIawAgJji8CEwXEBgYg5lP+u6f+KSUke5A8+YKoNcEUfTkFOJdHojh077Ek91kYbcJFgCCUhcE5Bv8SJXHK6/VAxupVDSY3qUGzBEQCqwSGFQyDgiUBRGo3DrK8zmQqfCrdSfWSXSDSTbdhGFBaExfz92JrNQ7VhFwmG02AEtumxfehDH0oa6mc+85mkriievPdn7/2VUOJQdeQwIgq4erMm5T9+5iBeKNQGmhqEp0RoMFcmHpGIjvxcohR93VUkJVfYszIjAcaKhElopHtDLxAAAgER2EKj5NdJlyn0SiZUb+p5vRxyw1mNvubzaUMQbtU0kWSQSVmcZOLcpNBJ8nwpJXkjucHOTk0Kup6KqtMKQiAABIojYNJofo9Ugm6ukzJ1xmVpFDOswaREClSNZtqkFqNGOrdqTaEziWVIkhRIXzOXcK44F4e2xDmuFG+sb9O69ky92oOYkJD+2aNw5gAhEAACJSEQYG10oxTlqf3WZ5ucSfOfvfzx20zE7EC2Nrk4HdpCIR1xrrlGu3UqaKFWprZPSkb+A0NQ/pIwj0VM7KElSXwSS7KFHAgAgSIIOGiUbxDJXrzz1F7vqUsqTWrQ+ujS8jIJyXZhYSGe1NN9emszKMPqj6lKs56toCUGZ3GXJ9+JH3GSHsuzN1P+ts8cHEpOBqJqB4IECACBIAg4JvX2aiZH4mVTvec6dGlpqdPpsM7MzEzcWF+fn5iY728HDx40EiWWSV8bNfSFIHRDiq8gVVgQJ5nOB33MkP7b+jb9ZtzmBvvhLvEpOiLRhtT+q5fO/5W213qB2ueff/73vve9QM7gZgACr371qwdooLsyCDho1DM34lAi0A3e7FegZEiSeL+83OnP7p1kSmzIa6NEXv6VlzBdY8quAwcOeEINtXFD4Nprrx23Idd6vPlplCpNLkLj6fz6+nJ/Os8S4taNry/17zuRJnVJWTqwGhWiLF4kMlOnODQUKE+S2FZaorMSuRYa4WxvfMWcc45jRSX3xXTmzJnctjAEAkCgCAImjaY/26QjCS1yHcpLAVyNshrLDQ6lLqlGqa3Zxz5kP0k6htypnORTDySUn5RYzhA6B7SBABCoLwJbaNT50GjK2PS6pybTJAJlV8QpmdZGUxLI1+W/kuDjX4pNcKUPXNABAs1DwKxGc4zQJlO7AtVudTWaI1xxk+B8F9xh8THCAxAAAkNDIACNcq5MpvZ9eXsk/fJt3N+V97b+ejE2IAAEGoCA+RWj4kOi1dWsiwPFg9bOAz3wZH/k6MeJaK2Z7ho988wzNDTac5sPqeuNb3yjMWTcYqrdNZCSMN2pxwNPKfhUrSvkzWIeGzi0yDk+b3N71rOeRc3t27dTg/bUfu5zn/u85z2P9k8//bR/iFtvvdVQZokt9/cpmuSEN3/bIHH9w0ETCAwBgWCTesk1UzXKT6GLrV2gDQGCSoV48sknKR8pRan8lFKUn4Xg3uI5X3nllQWdECGKE90u6BbmQKB2CISnUf9q1J7Y2pKRA6qfQCg7mW3btk1OTtL751/5ylcasZhMiUmp8d3vftc/E2K6MvjO4M3ipOw/ImgCgaohEIZGU542TWJVZsz+fn5hgb4zyvuDRn1KeBklqsFrckgNqddCoax9Ov1zdAlXPAHx8KMf/YiWO2mjKfwrXvGKhx56iKJceOGFmWb0KTgY3EqaTIVJnOtfb8q0XXOrCHVKLAQFp5wmdNUCgTA0SkN10mUKvTI6WzmUmNQkTZtVk2AtTmFJntPlwePyzSJiTI5LhxRiamqK7zIFv5Uk/GgQJR/6sydnq/WdnoVPnb3pUKMXCFQTgfC3mDKNU9WhUpPSizom+uzJe4c/ohUuA41qkVVJyBsdiprd5ZRoW61gtx1p9UUcUfSTojjNmSi565FHHqHZ/cmTJ2mwP+hv3Oab9U7zJCHP66k3iRNJLuwmytpbkmFSRE+5jutpAjUgUEEEglWjmcbGNebmfp5siU/tPdeqmTxrYmVDkegubhvKtgJ50MWms/AU3uRepnjZkwdnlKQqm9dAyeolL3kJ7fmQfqqT2TO+39R/BCrsNqpp9ajihkUP3oBASBoVQmFYhXT43r3ek0L6TXlimf5Xoeife9M85dbYlDq5T0wMjkt35ey1/Q/MjYLyF71shzyFJzmVokyaL33pS6ky5SXRF73oRbbJSCRctAoPeparUvOOJGcEBQIlIRCSRm1C4aTtF5WynF4KNTPTWV6mt+2Ze6pDYxYteeOEmf2Tki8jBYrlrEb16qeuRl/84hdzWUqG+apRg/X0oPQsnmlRK2cyJLe2Ny00evVKQhk4wycQGA4CIWnUP2MqRYlHaO/kUGbV+fklotIUNg1FfFw8+ic/UJMr3Hx1LrPk448/zg+Q5iNNZ4ZSOXKvPjS6SCG9V/zbhoatrenp2TkECIFANREYDY0KFnYdKhJ6+3MOyDQnGjxrdzmXNTmozdFibnTppQzWYQVpG3H50PnxQF0PPvggJXDvvffmGPvITZxzdifVjjzV6idw/fXXVz9JZMgIBKPRgc82GYhvFqTrMzMTSTUpcY29hGqwGLkV2uIQWsFQTj8UV5JqVn3Dg5jbfpyT+ov6W30vTTBmwHP3ne98J6A3uCoVgfCPrPun66QSw9ymUX//VdbkNY2AGQZ/njRgbnCVFQF6NckFF89mtYL+qBAIVo3KAPy/U99UihzVuUTcJiHg/FXdJg2wSWMJT6POrzM1CTKMBQgMAwHHb5MPIyxi5EAg/LeYsi6SStK5DXMMGyZAoOII0K1LbHVBoELVaKYyNmVdFWsFFScIpOeDgH4CxEcfOiNEIDyN+q+NGsPOauikS6JXuv7su/kjhBihgUAOBM6ZwKw+B2yjMQlPo5mKSj1oH0P9EW0/eilPPnkyqadakTMzhBBF0oNtZREAi1b21NiJ1W9tlLhS6NJo0PCIW5lqnXMiEspmY+EpsT3bEnZFcqmLg4T2zBBqDUBgYoLqUfyrBwLhadSnqHRe5Z6GzEfkwW6QkEl2aWnJDsGkxgrCbrZaVkkSh2o/JYXOmir0gQAQKAOB8JP6rEucMipPQ2ZAKfR0IwdAQoK6bGQ/AyVSCzuZVBLzzIp/FpR8ygtKpM3vJRE/dHjppZd6uoVaTRHA2miNTlx4GvUsKm2MPA2Fs+yG7VNLiJVs0tRcyQoDJeRTdNIjSq8ztG1LP/8pQn5jnuz5HSV8uLq6attC0jAEnJ/NDRtjY4YTflKf+/FPNkzfE+5EScxidmPgWWETTWq2CV2+vEmXLbGtBkp8QtNbndbW1n72s5/9382NXvVEpNnr9WhPG4mfeOKJgbG0gv26EJbY8kxuWZlfX2+4cnp2CnNEhAkQqCAClatGuSZN2hOCdhEa9nObOVqfKltS0onkd4yKc/6aPEXnBhek9FP13/zmN4snUPw1IsSM4kS3nbllCjfQmzNEw4TnnIMHnmpzSitXjQ5Ezi5CRTLQNpOCzc62JJNDH+Vut/vAAw98//vfv+eee0j/pz/96Y9//OMf/vCHJKftvvvuo1rVx4/oEH/pSjAUQxl+jCiZMoSyEwGZA6FRfQQqV406LyktzF2NahJMKjD1fJ91UiSswG5pb/hkQ63Do0gKzb3tdpsaUofSNP9lL3sZH5L8xIkToV7kbNSS5JwLxqQaMyv/Mnc7y1Wji0IL0Qsd2zr6GhiH9jkT4UucccBtJGMMT6OeN9zt0foYCgfleNGczV9aIu10NU7baWiPSCS2zxRl3UVLpVSW/vznP2fh/+tvnraeasKPBlHyYVb25KBJPqnX7jJCMJNmWgTwHGm91IYw9akXIFXONjyNet5wt0HJakg/5WQ7qZSE2NOuUgdmqJdEuRRlFubb9PzjIgOdaAUhpiROJLnoO1ksyTApjXQS1OGSPECOYrRG10B4GvUpKp0AZTXsdDpOP5USZq1DaQGUfgT0qaeeoqrzVa96Fd2dp8VQahOH0nSebtNPTU0FH2A669U9XPD8h+MQk/rh4BwkSngazVpUyjAyGdJ7SZyvJgkCygidUPlJ0Yl8uSa110ZlnXSESVJoo2jNWq6ONvlaRMekvhaniZMMT6NZi0oBy98w5QrLWv1V6lTp6TwlRof22ij/YH3WtJ1TdXbCXdKmhlbOZChZybTdrnOTwtkJcCZZR9oYfTzwVKNTad5frkXqSQuOTK+1YFL7Fhl9GZSeG+Xnmfjbn3xTnttcn1KbGg8//PBb3vIW40xVpEpNun5QriYh45TTbzFNX/5vnF0QVhCBWlajKTjmu6uT4nCYXcePHx9muDJiOW8f2TVpGaEb5pNe79SwETV4OA2sRvls+dSkSVVtwPNthJBDuxotGLSy1SgTK5g00/mlavS3fvcPMplAeYQIhP/E4y/F5xjSQMP4zfb038ICO+c27SUWUSdvzuhEYXpL0rHlvFawEVS9TVfLbStIGAEiUHBojovBuFxxWGUEwk/qM91w15fXQMP5aH794DrxZvxuZtrTO5r7/zyvUa5P6WSkFKopXZ5RoAYEgiCAt98HgXE4TupUjTKH0l4IlBoFH3uSjziGWwpMQ55+MpxOxJXTc7pD9AKBKhdfyM1AoE7VKP1pCZNKNRotUDkaV6n5/vCk/CRcnO046OaXkVhH76nXaaiFhg5HSfll03wDgVXDEMBrm2t0QitXjfIKadKe2ZP2Rk0aHHHiwSI+9eKAQalF3MJ2fBAw6h0cVhqBGq0G6vXQs+ukrnl9CnM5i0f642S50Utyxkf3Gpq2wxSJdA3tTr3zZ6nGh4xqOtK77rrr9Vf825omP4Zph5/U+38ZKSvcekmU2lyTxnfqF6KCK6TOTHguz10yr2di1UTptDWE2txHP6BOLd48EHC8zXBFNPq6qWc3YyzjMIrwk/qBN9xzw0pcSXP5mDHnY95kJmVuze3TaUgsyZtPqc4UOVBfSJk1nXEhBAJAoI4IpD39k2885VWjks/AYnCgQr6hBbQa2qQ+YM5wNTQE6PF7foH30CIiUBEEwk/qy6tGi4wTtkCgXgjQLx3UK+FxzjY8jQ6hGqUTRvXmOJ82jL3xCNx4442NH2NjBhieRodQjfosWTbmDGEgQAAIVByB8LeYBn41vuKIID0gAASAQCYEalmNZhrhmCufe+65xo+JsoT2goytQF1amKKcAq8dOkXZ2ZUvrtOVv7B42v6xoNkMBMLTaKa1UeM7kWU8/tmM81TGKIQofYgjkzJna7Bz+hCScsgRNz2Qs1dHz5S201t1hHwLYYSPLVcHilIzCU+j/muj9kM/tiTU4JMegUqSh4o7cj9ECpojkthK8hSFgZojHxoS8EcATOqPVQ7NMDSash6axKrMmP39/MICvaiJ9wftd3YYJap8wPJojcMcEMAkHwLMs5p22Y+zfiQ16nUuFDDRU6+t40zMM67tzZCIH44ivTIiZ0q2W2eSxYXyLIrcUNVPp7AwRYLbsMVPgb+HMDRK8Zx0mUKvnOJWDiUmNb/WabOq/9igmY4AMwLp5J7GCuMY1GM4tNW0PidgSAZmziGS4qZEdJo4o6c4SU8vSK8QJU+YdLlAbRZyIM2zhpWRibYKkiScMALh79RnQlbVoVKT0svtJ/rsyXuHP56hUIdxWfDlxRccmxkSo0u7HmjryKMmIl3uaYKjNm/EFzwUzSZiJV3Ua9CN9pYOBtum6zh72TBrXGdidg5ONZ2GYWJg4ky4VCFfpUkh+O9CX+RJmpCHRWA0NMo15uZ+noZEfGrv4+/Ne29MqXQlGSTLknQ3RWzTPdeuV2iLGjr5Tcp9Jt+IcpvnNrTzzOHKNhktk/LFnHRJM4FSrz12SEpFINiknrI0PgbldPK9e70n5fSb8sSw9EshUUT/3BtzZcArxv4MZ251h2+i1Kj4eIhOYRNHn2dMAo7dyOPO2wZ06Q3VkBRDVqP6o1ITHC+b6j0Pbnl5mbjXuc9UhwaByvic50O6Xm16DRJuyE64hqK9jiuFpyHPkRv7Z4e2N93LzlMkmaInxbWHZkfUgaTXKZTCPGmAmXLOp8x/UHJBOgsI0UkK4bRKUobcH4GQNOoflUpRqjdnZmaWl5dmZjrOPVWj/YI0cSvpmtC8WVKIxCGV2WGwGx3KxmENBS1M6ZKUDW/GUOzeJIk2zB3Xdk5u08fLvayWNCjRMRCTPJ0JG1BkOuSPczbhti3RDg0dUW5GNZAJumEqh5zU58g7iUNJHkVLmRzSFSPXCtOflsiF6LyebFvDVaZMoFw1BKSclMSC813Vhmznw38UthyS4ggEo9GBzzYZuXJBSi9inpmheb27JqVq1F5Cta8GkaR0SXRDJ8nWdlUc6/HxwLRVHaqqTiajugZwPZeKfBgadT406pN3/2b9PBWeS0vOvY8P6FQOgdHS1mijV+5kIKHyEQhDo/nytCvNfH5gBQSAABAYIQKjucU0wgEjNBAAAkAgLAKjrEaNkWR6NVRYFOANCFQNgVOnTlUtJeSThECFaDT3AivdVZcVdN1OGjPkQKD6COzYsaP6SSJDRqBCNJqvGu3z5saX6+N2FD/2VJf7khd/IeB1iPWZgGCO0tW333eGwvNXpUeZx3jH3rdvnz8AFaLRHNXoJoeeHe9EFJhJk0g5Se4PPWve8Oac31LPGgj6tUDgw3duvMrgwIEDtUi4kUnSD1xnGleFaDRvNRr1q9GNUcfVaOT+0VAiPlLS0399mAm1gcqhSHZgICg0FYFzzgk5vThzJq5wsfkjsLi46K9cIRrNWo1u0mLMoUyOtN+Y1ycwqT8uRTQ5sSIeYAsEgMBoEThx4oR/AhWi0UzVqJR73LD3Tgg2eJbZVn15VIjPqFXFia4udZsUbFuO4kwAQiAABGqBwI033uifZ4Vo1Kca1XTJg9xSh/bftJj1/pJNkYYkBU3bNkUZXUCgIAInj9z++LO3nXn86SjqRWsR/eutcSPe90hCG0miaM9XDxWMBXN/BEKuv/hHdWryt/JT9jFnqRvxdMgbeWM6o73TsxZKQTpQ01NBp+FpMmS1zq9U6MNyyGNvTLiFYyd5LJMvm2ztbLV2trf8m55uTbfbG/+mu6djJsU2NAQq9Admv5bUkHz2s5+VG/ExQFR6Em1uPu0UCzZn60ODj4MOM9xoYxEjLz1IpRC2oSOwFhGTzlLYP/kb5sj+vl+Kxv/bKEI32kPPbswDVohGfc6E3IjfWH/cyqRcjXJlmuIt66w/xZXuGhjX0w/UGoxA7s8hIsrp9tTRlWh+cc/keVsRejJaFUGfVTvveM813iDKq/vZwjj0dKNfRTiGr4ap0KR+4AmLqbP/WChrxmzIk/j+nfqYQ/lXaNS9o4E+SYFteW7ODKslEss5ebdtSV/Y3Cf6MHV4dk97Y5pvSOxDSlKEtvkwh9CAWAb4viMiftwetXdOzR0+ufpkFNG/KKJG/I9a/YXR+F8UrXQ3pv++ngPpEXvyFshfndzUrRrdOm3XdeVZJu3zqV0bamU+RSJJ6ZKTaehksq3OFUF/wzwrtxucpFPuFFZnULXLRPD0z3zj9hHVpMSk8/e0W91er3t4/prDn1vu32Xq8X7+Ywf9fUIzBQEuhkTBpghtWzMapdRTxrPBpKRUn++DppzIMrrslU2SGH/VdrlkW5WR21j5zMyk/dn64h33TO/e1d65q3t/dHR+Tx+x3tzsdGt7K2pF8x87HBZD4/Xb9iGVnymLADLTl2k+Kxt7ypkVDP9hx5LVG5OJsI1dlmmH9aPRdDhSSDbdcJx7DSYFaQ7hYsgKclyN0pydStDj90QX7Gq1d1FNenR+F8kPH13kG02Udv9eU5j0DX6UQy032hxYONFgT+51mmsCNeKGGUxQL7pQZcJpGo0GhQvOgEApCGTl0H4SNG2f6p3u3nbT3kv33xOttVsXtGMm/dgeoU6+gx8qY7vSZLLT/oUoSajbKTkkmXiap3geTpdRlvIhaHQ44Fc3Ck/h5Q+bK1NO1/5rl167q7ojrFhm+aCTavTllx6JWu1Wq0c02r6gPX/05GynJSun8VgDVaPkyWDSujBdwBMuhae+F2Ism1I40GhAzCvqSlOkpOgUcq/xd55+WNExVzWtfBzKo+n1os7lc30+pWZ8X77b7bUvaB2+udtdCbwqWlX8hp0Xs6fmTbsapZxAo8M+MaOKZ984okyK/FWPaiBjG3dp5Z547BtfAI1vzROTrqz0p/Jr0w/+z6te+ILn5ACHS04xlJJTr1dSr1bzKUuz6ufIfGgmxu0miSv0Chod2rkYcSAw5ohPQLHwXz+0655jLycf3V7UbsX7VivqnY739NXP1vboL//TPD1YGpep2+Ny9ZpDG49X+4R10qItNCT60FamuLYwySRJ7pN8STpMkVJ7CpNyg4Nym3Tq9Ph9SXjBLRCoCwK7pucoVd7PTM9Se2Znh/Z7puP93p3TtJ/b2V7p0v+9Nio5nZuXcaOViCJ5k1HSIbd1F7dRjTb6WsDgGoQA34jf05mjMe3pzNLsfs/uDrX30n4t2js9vbrWm5tu95+L8h22XTD6WkJPIQAaxeUABGqCwFp05OjhjZvy/btMfFN+UxKPYsst+5oMqwFpgkZHfBLlt3dGnAfCVx6Bmat/MFP5JMczQdDoKM/73VcFi44f2wkGJRwBgYwI4BZTRsCgDgSAABDYigBoFFcEEAACQKAQApjUF4IPxkCgPAQu/kJA3yiYfMH89vsy/xg1aNQXXOgBgeEjcMObnxl+0HGOmO+WLz6jxvmawdiBABAIgACq0QAgwgUQGDICv/zU15514nf+8fUrq9suGnLoMQk3MbFAI11fPygNGThLdC9otPlXxUjeg6vfTclflZE0RpJPk07z5FMrxKFTlx+N7piOwKTlnFomUGJMalAEu8FCJlNM6ss5CePkVTOmHjexJ28sxPcOQ10Uv3Di4qnLD0fbW1Odw7/wrfh79LRNnr5v5ktX0j5UFPghBJhDk6CQXtBoEkSQA4HqInDy+HzUW1le3Ld4PE6S2HP6L+ej6VnaTz6cjUmdb1Akn0lyG5R0zfRe21sdJaDROp61nDlz2chv9GEXuk0SW0Gr6arT0DT8OPNzFq0+hk5v4yx8bNed9PaRI5+eX7k/+sU33UBQTP/nTkQveWpFUbt98t0b9ak/RDbT2RJ/b+OjKYukoNHxOenxSIm2eKLN/CVtQUErsFAkpKypUOSkpifv2lU6S9qxxutk5B3tyZ+/cvmc+B0lz3/TFy983TXkZpXeP7p4OLp/5Z7Dh7vhfkQkb4JNsGOKtPeyZiqrpTRa3GJqwin3H4NeoHQuVjqFTv8DNQcqkFvNy84oEAoC8cz9a/Nfe8Mn//bOr1z+jg+88KJ/fcfN//XCXT8/b/tzVj5yy8yfvP3I/GFS/rVbH8gKGr3Sm8pPebE3t3VBKm398m+7YrWdGJmwSS3eIK5XRY0VUnvBFDSa9ZKDfkgEfKg2ZLza+tpY/dw9+y/+9lPP/t3/GE2+kIZCZPoXx/6Y9nf8w/3P/sNboo+8nTj0OS9phx2lkxwNoU9EMdG2PoZV05G5PCXGlAoardo5Gut8eJpPENiNscaFVz/fMc+rn729F7X+5ulH1lZu+d/ve+fvH/2Lm/74X8790VOTL3z1HY896wW0Pppnk4K0VI6zC9g8uY7axq5GsTY66nNSsfi8miksRtnxkijLncWjKGQdivac1Xbc9I3Vz58Qh977vrnOvi//r7nL3v2ub3zl5v/z2OpfL2174KGnqowMkTX/q3KSOXIDjeYArWYmwn2aBFPa1KV7abQsSTIRBY2L4YF1WMHwo8NJl92oGeih031g4U76PWVa/VzqRb9y091fvvd9nenZVtSa3T13/V+/9U173n/X18/tTE/e972nfvLY0/mCGyuknk6cBaZT6OmwjmqY1NfxrGXIWe7h2LyWwQtUR43AExd1/u6Td0Z/8Gbi0Bf80+nul3pLvcXezu7i0tLKSveLvYc7u1v0m6DTO6Mv//nxff/ukoD5Mr2yQ7k7JEKjlwlUCyUTp5+AeY7QFWh0hOAPIzTYcxgoDyXGE6/qTH9zo9K8+jf/7PN//67FO45S5C9+8vinPkW/wtTrTPe63d7S0lImGhVmJFc+bRmrptQUYZLPoWA2pCCg0SEBXYsw4NxanCZK8tcv2n119GcfWLnkpgN3v7w1/eG93RuObTv8uaPUdd31+/xHMXD2rUnQ3+24aYJGx+2MY7wNQYCY9DN/dCdxKI3nn/1Gm5j0wELMob/+q8/3HyFY0h8rQ3NiYkJ+uR63mHLDCEMgMGIEfuOXO5IBMemB//CBTBw64uwrH56IMiVH4VDSQTWaAhS6gECdEHjNrl+sU7rVzpU5VJhUk6YtBI1W+2QiOyAABEaBAPGmnrbrFJhSda0KGh3FKUJMIOCHQL6fBvLzDa1gCIBGg0EJR0AgLAJ3XxXM35kzmX/tMljsMXCEW0xjcJIxRCAABIohkH67CdVoMXRhDQSAQEMR4OVRHpzzFhNzK3WBRht6CWBYQAAIFEZAs6c4s4WY1BdGGg6AwKgQ6N4XffyK6KFsP740qmQbHBfVaINP7sbQbr31VhnklVdeWeqA7Vgk4aDSKDWBMXJOHHrsQPwTTA8puPEAABJ+SURBVF888OSlV5732+8co7FXbKig0YqdkHLSKYM9k2jRiFVG6HJAqrrXY7csS4qtte6e+xej3bOxpN2+4+p39T69g3v3vn2m6iNpXH6g0cadUgyouQicpcgrZiN6GT5tpzd+xu6aPnu+Z/9CPhq1X6ioX92dD9EkD0lyO0q6Znqv7a08CdZGy8O2op71vJvbstddlD0d8iYjMTSNXueADZ+s42Po9AYhESX9i073fwq0z6H0IueVzlwszLsxH/H7s4VP8zrbYmd7syVBAo3WCarR0eI/pOjCZTTFpo0OZc8ZsITadkMLkxT0MHQs5/CcIZyaEDoRuOnQwae/O7Ptg5fyT4Hu+e9fv+YNHT3ld1olCY2aDi9LTAIqRQ4aTQGnOV32eqVwGQ/SfwVzoOZABYooVNsciIc7km2/1Xn8Dw9FH9lPHNp+Q6fU4FI/aoZloUiMQ8mHFDRNc1sXpCnO9aBsJ8aQkxIoFRlxDhodDs6IsgUBH6oFZOkI/JN37tv7ptnWhe10teK9miu5rUmN/BuH/hGd5GgIfbyJSe5MfKKk6GBtNAWcxnbJpL4iI5Ti1G5UJMMqpNHtRfuPrEbb4/c086Y5tN3qnjw20b6gV0aqRE+0iWeuMZMOjQREuVSOMzIsA4QUn6hGU8BpTpder5TpvF4e1Qo8bO6Vto2FKGQtLQd6tmNB8sCpp3u96c7uyaWVDrV/dcfWv9zV77ZPz01dfnjujn3RE++Nnn9RQMR0rSdujdm6cRgwuqcrKZk99cOqnX0Pfli/8JaOwMLCwsGDB9N1MvUWeYWPsU6aKS6Uy0Dg2muvNS6PK/afpN/+bF8wSeGWVlY/+HvPO8ukj6+cvO03py4/Gmey1ju5tG9q77qRVfrloetETZrGFN4oJ9MPKQGnWy13KhisbedAHmxhWBq18TfwNA5RjabjU/te+2ZO1uKx9hA0YgAr3fi3P2c79Kz9JP2K8r+/4ZuzuzcG1lnrUB3KB8uL+5ZWooN7s41Z5t1kZvOR7mW/xHRa0zj0j+2MK0KjV6JwQ0dx+vFPo7gmaLQ4hpX2ANKs9OnxTu5LH19/93UTi0tnf0X5tkMbs5mTx6KTx+enpvctL84Th+796Ne9vZ5VdLKndBu96YdOK22S1LYNnZoidPbmGHtxE9BocQxr7wFUW/1TeMlr27O7b188Ps2/okwTfHnevt2am2sfPfLp+d5a1N0+197Z8R+OXdmxrc2q/j7HUBM0OoYnHUOuJQKHPrrn977dfdvV0Ve/9OHdF235FeWnH9vbW7qU6tBMHEoogC6DXAp44CkIjHACBIaBANWkt/yXDxocSoG3/VInB4cOI+PxiAEaHY/zjFE2BYHffsMvOYeStQ51OoEwHwKg0Xy4wQoIAAEgsIEAaBSXAhAAAkCgEAK4xVQIPhgDgZIQSH9gvqSgcJsPAdBoPtxgBQTKRYC+SFNuAHgPhwBoNByW8AQEwiEQ9rvC4fKCJwcCWBt1gAIREAACQMAfAVSj/lhBEwgMD4GJibM/CrK+HvItNsMbw9hEAo02/1Trt5Pge591Od9EncSkTKDSqEvy45YnaHQszriwJ96JV8fzrSmV8kehWrWTCBqt2hlBPkAgDQGjMkWhmgbWsPpwi2lYSFcvDlWmer7PbS00FGgELBErbc69PErbsHqjR0ZAIBgCqEaDQVllR8J39uyeupxCGg7LRcGpaY/aqW+rQQIEGoMAaLQxpzJtIEKIWsmoJalL34DyuRlFOk7StD2nJYe+QQhg5j4IoRH3g0ZHfAKGGV6znkGaYdPwoeCwEZvnje8j8V4/8MS3m2S8eBaqCqceNFqFs1DjHJiaSyXlGqNTIPUUfkzpKhAQpvkRAI3mx66OllKQCv35M6CniadaHdFDzkDAiQB+YNkJS+nCSv3AcumjRYCMCGT9gd+M7qEeGAFUo4EBrZo7590erF1W7TQhn1ojABqt9ekbnDwYczBG0AACxRDA4/fF8IM1EAACY48AaHTsLwEAAASAQDEEQKPF8IM1EAACY48AaHTsLwEAMMYITCxMJI0+pSvJJJO87v71YEGjmU49lIHAuCCwfnC91KFm9e9Pu6TprxxkjLhTHwRGOAECzUFAOMiH6WzCGmiVyX8OWDkBO7EcrjxNQKOeQEENCIwLAploaCBp2qhl8m+bV1ACGq3gSUFKQGBICOQgQSMzu+gr7lOH0P7LLmNzgw4azQ1duYYLR243Ahy8Zk+5IeEdCGRHICxp2vHFP3Fo2bHs6J4S0KgnUCNQ07z5nv30O5Gg0RGcBYQEAgMRAI0OhKgCCk9WIAekMDYIyNyZG8FrwLr7ty8E0KiNyYglN9988y233zK9e24jj00OveL3r3jrzFvf+/73Zs3v3HPPFZNnnnnGNicFp9zWhGQcEAjOmwZo+fz7W/lrhjqbeG40FJLB/Dz66KPtVtt2176g/eg/PmrLfSTEkrxpShXDdA51mvgEhQ4QGBMEUI1W5UQ/+OCD9913H2Wzvr7e3tmOou6RI0fi5Nbi3fQFrV7UeirqsXDXa3Z1LulUJXXkAQTGGwHQaFXO/zfu/Mbeq/dSNkSUs5fPOtM6unh07v1z1LVv33xBGuWJvN6TWzmkNpeoXIryPr1odSYMIRAYBwRAo1U5y7213uqTq1R7tlotajvToq64OO3Xp8U355KoCLlB1OlUKx4dHoBAYxAAjVboVHbv7xJFdk93W/e3JK3FzeecZrff3uv2Vu5fyUGjXE6ST11ROqtLp7BCGCEVIFA9BECjlTkna1HvdC+uN7duxJ6GpNdz16opIwE5poCDLiBQEAHQaEEAQ5qvrKyQOyLTpdNLSX5XllZ6gSb1SSFS5MaUnzQx5U+BC11jggBotDInevvGqujKYkym07Oz++ZmV9b6i6FRtPi5w93jS7H8/dNUr3ZPDy9tXh6leChphwd6+ZEmJra8aZSeDykek30WdEVOCnooPpCsHvDcaFbEStSnO0ut7RuTempMnT/V3j559OiWKTzN6LNO6p3051wkdQqZQLlLFOxGibjAdQkIMFXRnjeDVfMFDEJ/QZzkyz+3FarR3NAFNnz9xa//1je+tXT/Srw8un3Debe3Oje3SawXxJXpykqXei+5+CLP8HJzSes7idXTIdQaj4CmVCE1qTTtklP0DQa0/WgnrKxrTx8/BL6REp+O0ZIvaLQqfxSv/eevpX+SzcKRY9Te82uTUf/LoItRdNttt+XIFYyZA7RxNtG8RjjIIfEUteXQbrCyQOf0o52QAimzhElQiNXG38m5mjqNcLaHUiWg0VLhze+c7iO95+NHooQHSPP7hSUQUAgwl5FAKIl5LQkkzVy2Trqt6OtYthNbYnMo60jytsmQJaDRIQPuG+7QR+NvNGEDAqUiIAwlUewqstQEPJ07i810Tvf0HEQNt5iCwAgnQKDGCCRVkVnLvaz6npBpDi0phGcmSWqoRpOQgRwINBkB5iNhKGZS2mtK5TbraH3dTtI3qJkOCU0jqOZH6ZUGm/A5sNnT8E9qWn/IZw40OmTAEQ4IVAIBm3REorvShTwSp76T15yazhAaIztVO+5oMQWNjhb/0qMvLS2VHgMBgMB4IwAabfj573Q6DR9hE4d31113NXFYjR0TbjE19tRiYEAACAwHAVSjw8E5LcrFX0jrTe+7+6r0fvQCASBQOgKg0dIh9glw+7/K8+Ofe/7beT7OoQMEgECpCGBSXyq8cA4EgEDzEQCNNv8cY4RAAAiUigAm9aXCC+dAYHwRMJ6ZT3r80x8g43F9MUx6jJ8UdNCkfJLcpiemrUCj6Vg1oVe/Ky/HC5983m/v1HEKmwAoxuCHAFOYP0n5a6bEtynV+cx/ioeBXULH3CD/oNGBoDVBQdgT1NaE0xloDLo6G1gqamWOP9DEmaZQjzRYjQ8liu2cumwh2SbJndGdQnKbyYn98YC1USewlRPueOHmm5yLpUZ86nyRczGvsK4fAkwcxAi8CX8ljUQ0pZGkmS7XHERtgzcLOqfQ7JPc8sbhJCWRpyc5sJfRk+RRjQ5EbPQKoTjUHolQqp7sO4VkK5VsigKpOdcN2MTZZWcFyRAQ0BTmE04oQ5QNhvJxEsQ2PRATnOjoQ52woZbuc2AvaHQgRCNQIN489dON3/9kDpXDgNnoCb6mSCfZaWXnEkGKh5SugMOBq0wI2HSTbl6ENNM917GX0RBMMKmv6Elk9iyPQzMNW3MoG5KENu3ESb6iYOtnSgDKpSJgV5qlhvNxHjyl4A71KECjPud02Dpce1aEQ+3BM6um86ZhRcq82d4gGQkCeg2Rq6rgREMO2ac0aKQiMdp0aKeUAxnthGJJwZgkzxHCNgGN2phUQsJMGnwub9eVPqMlBjRqTx8r6FQcAWIW3ihPaQTMWfxr53ZQkkhQ3WtkQl1OorflOq52kiTXbJtv+FgbzYfbMKwCcqiQoC4hNTmK3Cmk0bKc1Zys6gzBMCX5HAaIiAEEykcANFo+xqOOoKnTyMXZZQjlUMuTdLT/FP1RQ4L4tURA1616AElyz0EWNKcooFFPqMdUzZ7LO5l3TNHBsIFAHwHQKC6ENARAmmnooA8I9BHALSZcCEAACACBQgiARgvBB2MgAASAACb1lbgG8B77SpwGJAEEciEAGs0FW1Aj/J5SUDjhzBeBiYkFrbq+flAfSq8h9/U+LD1+mFTfbdePl3rehefBZh2pWIFGh3W2EQcIVAwBZg3iAps+nMIg6Rd/1n0r18ffU9K8afj3DEcIGB8qPoMVK9CoD1zQAQLjgoCwiX81mqn6E9Yz6kTthLEeWEh6UqTPmeOPDf3hIZWmNMSPjQxo1Adk6ACBcUEgpUR1QpCj+mN+NAwHkqYzenlCrjSFWO0GhRY+xZ368k4EPAOB5iPA1SVxIm/+AxZDNhEPnq5IrU9k8cYN9pM7H2fm9nKHVpNeVKNO9CAEAkDACwFiMV1IMqn5WBqGWatRI6g+zJvPlhtuPkMQHdBoJrigDASAQCICnhzKall5MzFqcofB1EmKxpJoegWqncikHjSahO2w5fs/v0ohe2vxvyje9+I9ifoN6qFG3BU3oh98de+w80O8xiEgLKDvohhCGnQ6rfAkmrGRCXUKRXpSmz/YMqnnoJrKU9IQ/zxeZlKftr6nL+unoFH/81W65vTOyT5RMpPG7T6lTvXWVmMmjWk0JtNudyVTKvY7RkVid5FnpzBTRCjXAgEnPzqF6cNJmlA7rXyozWmYJDQcZvWvx+vTpjRsNdBo0tkZgXxpZdVRilIiG5VpzKH9yjTYhjePBIMSjsYYAdBoVU7+7PTKzOtmNrOZ3GxMbTSejP+/Sv9F0fzH5quSNPIAAkAAL8qrzjWgONRKSnEo9R06dMjSyCnQ83f71aLklIUoWnPiC7PxQADPjVblPC8vL7tT2cqhNKnfv3+/WzNZSmyoN1uR+ZToUjOmCJ0MazuBBAiMJwKY1FflvM/MyIx+QEo5qlGjnPSnRX/NAUmjGwg0FwFUo1U5t7fffrsjFasUJZ0c1ajDs5+I61NM6v3QgtaYIoBqtConfs+ePVtS6RMobXxbKW5t3qPPUY1u8Zx6gPIzFR50AgEHAqhGHaCMROSsRs9yqMqpjGqU6k1ePNWFpwjBrSO5JGodlB6D11uQsbDDIK7ESZA8UY2GPSn5vW2pRl1z+Q3Xa5nv1NtTcpEYpMkhnML8A4PlWCLA32iSh+GJrbI+GG/Dxj5teRFJkDxRjRY5BSFtjx07Ru640tz/sf3RefHzoZPnTcb7ycn5+c39+ZOZqlGuMZ37kNnDFxDwRsBZpUqlaZecou8Twagu6dDHyqnjn2eAjwhnBhCmI7CwsHDw4JbfbEjXH9h75syZgTpQqAsC1157bdjLYyQD1xWotLWQsjJ0SMJFq1OfObF4VWugUTxPTOpHcoEhKBAYCwSY+IQcuSFCG4J0ivSZ1NvO031yDgXzBI3apxISIAAEwiAgpaW406UfCW3WKxjYhzTtEAXzxNqoDSkkQAAIhEQgqYrMyqFZ9bOOIXeeoNGsUEMfCACBwQgw5enJMreZqqhNm64Btb5uJ+kPzsBPQ8ciC2HSpLjOPDGp9wO7BC3cFCoBVLisCgJMkTobkeiudCGbO/VDjTNInqDRUKcjsx+6G5vZBgZAAAhUDwE88FS9czLSjE6dOrVjx47V1fjFpnpbXFw8ceLEZZddNtLsAgSn53P/9Oif/3Rt3fB14s7/QQO87rrrWN5qtahO+do//CRSzx2ur0eP/P1XtFqOhNhzDkOYVBYBrI1W9tQgMSAABOqBAGi0HucJWQIBIFBZBP4/hAETGzlS/8wAAAAASUVORK5CYII=" /><br />
<br />
3. Paste the code below into the Module window.<br />
4. At any cell enter function =RandomizeF()<br />
<br />
<br />
<br />
<br />
<br />
<br />
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAABhCAIAAAB3ZGCTAAAAA3NCSVQICAjb4U/gAAAPqUlEQVR4Xu2dS+gf1RXH+48xajQm8f2IrwRjYjTEB1hdBSR0E8RAFiLughsXXbSFUuiyUFqKi25a6MK1IAhSxRqiFRULIojGJCQxGjXxFR9JjO/EfvToZZjnnblzZ+78/t8fIcz/zrnnnvO9c79zzpn7m9/c999//wt9hIAQEAJTQGDBFIyUjUJACAiBHxAQYek6EAJCYDIIiLAmM1UyVAgIARGWrgEhIAQmg4AIazJTJUOFgBAQYekaEAJCYDIIiLAmM1UyVAgIARGWrgEhIAQmg8DCnKUvvvjiZGxPw9Dbb789kiGai76AdXMkSPuCdCw9ecLCjngrcCwn440bewFoLsLnLjdHgjQc0hE1lBDWiNZoaCFQhcCpU6d27dq1b9++BQsWXHjhhTfffPOZZ55ZJaz2WUVANaxZndmZ8uvbb7999NFHH3744QsuuOC000577LHHduzYMVMeyhk/BERYfjhJalQEnnvuuZdeeunaa69dv379e++9hy179uwh5hrVKA0+AgJKCUcAvZchv/nmmwMHDhw7duz888+/7LLLyI/m5uaqNPNODj4I1MhU9e3Wfvz4cQhl6dKl3bpne73//vvPPPMMLatXrz7jjDOuuOKKo0eP3nLLLd99993pp58+mEfhjkhDOAIirHAMx9EAVX366aeM/eGHH3Jw+eWXky6xgHPWwFMs7M8+++zkyZPnnXfeokWLYpvLQB988MHHH38Mk/ZCWFTNSQkhJhTCy3feeeeGDRvQPCT/xgZN+j0REGF5ApWc2FlnnXX22WefOHECy1jPb731FhR25ZVX0u5sJQr75JNP4A44i9U+jA/vvPPOkSNHYJOFC/u5uvbu3Yvl0DGEywGkfMkllxC+UX0fxiONkg4CmvLh5uLfP376Gg+2uu666y666CKK0KYTbtq/fz+5GH/CUPAUhR6IjKhqzZo1K1asiB1effnll5ALbIUBRHaBhELCizaqV+YRPHXw4EE8Onz4cLjyvmYhUM+mTZsCNcTo7qxK0LzW90B82L59ew4mc6zYHgNN6XQIUNBZuXLlkiVLqEN/8cUXtH/++edwFukhB+RlMNQ111xz8cUXDwMahMK4NtY555xTzE/9zSByfPLJJ3EKEoR86UhWSyWLFjZSXXrppVaS81cYLplbvelc7aVLstHfKney2vCxm/LG0TsLtCMssz7ng2vsbESCHf/0578UrfrjH35fbPRv2bx5s7+wpySZF0HWueeeS9xBhEVu+NVXX73xxht0X7ZsGRkigZinqkCxl19+GRIxJVAVGVxIAQsuvueee4jRHn/88ddeew21t912G4V2MkGocKxCe5ak0lnJnamzc8fASyWkezvCKh1pim6XOpJthJtynBXIVo0jhghQiibUsjTQ9LDUyQF7ZCvKYfARPFK0k6jq3XffdWyFDBFQYMmM+pdVrCjhMyJpL3UrSJACGcNhDJEjA5F+8rnqqquylbuihbFbXLTi1kLuLp5jOrMnt3CcEs6W6rFGE8spzMo7Z+sbSzEpsjBKio2lfYdpbEFYzu7UfIiEVJazemErK2DFiLNY1Tz7twK8oUEkAonAYqUU0xYxYjdoAp0wUVEhmSCJm+kk/GEbeiBbOfOoXpEJ8ifBGvyFAfj49NNPv/322/feey8DPfTQQzxquOuuu+644462TlXJZ4nDyeTIJds3u54bj3MCTk+OFEr1mGGOtkpNKpJUjeYqBFJub0FYKbsRyTbjrF7YKpKFqCXcIO5gcwPH9gTN1jlLnXY4K7D4jVrq32Y/4QyVfqpm9idE+eabbzq2IiyCWfpiK4aAKG3rxuLFi5cvX04myNMD2IoP+0gZCGNwliIdlriHD4FQlxKB6cxymROrkq9qd+YhkFVYZXZWT6NOZ6ePZKk7VWYk0u5LWDmeNqx9QEnEz85m9MhWMWIr2z5qqxq2IlFiGX/99dfwCI0fffQRIQ/JVGf3ix0PHTpEsolaOAJCtAgIMdJPqmkUzopdOrcQ1hkbMhycZYV2RoG5+FIhEdbdd99NzS6ckT0tdBd8jmh8eMdziHCx3FJFYZV5U1y/voRV43Y4xNLQDQGKVkZMdCe6ufrqqy26IWuDuVjVRChwCiV5Vnu3IYq9IBECHAI3qx+ZAPoJc6zqVOzSuQX7ra89FrQYCp6CHDHDyluWovZYhi9d3jVrO0sQpX07u99Xxxrj+xpiMD1ehFXkbLOvqn0w66c1UL81LAo6EIctaVYyhedsLuY4i91YiPEtvJCM6aabbuLJI9UiA5y9Bbt37za+gCnIEHuPrRgI/URzHNjrGRwl4Yh9i9D87ZGqzDuf5V2aYbRlq7byPlf7zC9JL8KqR8rhbgc+812vUGd9ECAXs7oV65mv1xF35JaubcIijYLUiIZCdmPBEYRv0Af0Z7YZW3GMfgir30zQhmCLhu1BhXxJQgknyf5wit2k7okkknyvMGT/hA/U9TJGXsi4gxr5rEzVsamqUVJ/yq1HW4lFqya9Queycw8QfG9LbzirvyCyZ6PCVa98586dtgWcEhXhVVUdh2XPCqcSdP3114cnhgRWqLIAx3CAQQjfYuwqIKB78MEHIam1a9fed999//vxQzLIV6DJf5944gnGpegOV65bt64mzsrCWA+p/7zPsGQuRkstZNNXc6Z67dmdhuVK9FHFVvhGJX7VqlXQCvER5BXoLdxBNOeUWCoag60YgsAQtuIAqmUg/OUZAi7ceOONpKjUy/CIQA/+yhJooIPqnjgCPaSEiXs4q+ZRh7ZEr/EbMGwr5f0zCJNVNQo3wmW5J48gCbVIBvtNx5599lm2UGzcuJGHBnzHCGOwnGwUYiLwh7mgZuJE+PeBBx7AAJ4ewmU1fN3ojgRyCFgKaWljauEVpoqwpnrFsu2bj6f1rYQbdbIlip0TxDW9PxaEsKjoo5YvFb3yyiskerfeeqvtwIKVbO+omQdV8cEGZGrywUZfJFBEwBW5Eqx2ibCK86WWBgQIavh+dYNQp9MEg+wsu+GGG2AuQkLYigQQPnIxVC6YUmzVCeYJdxJhTXjyZs/0rVu3cld/6qmnKKtv2bKFkln9m1RnDwF5VI+ACKseH50dFAH2o27bto0gyypTFlspjBp0DtIerISwYv/WXtqApGWd5qL3+RCkvUM6pML8Pqwhx9ZYQkAICIFWCGgfViu4JCwEhMCYCIiwxkRfYwsBIdAKARFWK7gkLASEwJgIiLDGRF9jCwEh0AoBEVYruCQsBITAmAiIsMZEX2MLASHQCgERViu4JCwEhMCYCIiwxkRfYwsBIdAKARFWK7gkLASEwJgIlHw1p7M5r776aoxX5Xa2J6QjLyBev359iIZx+2L/pOdC9uv6KUWgzwhrll78OHVfcm++Lp37lBtl/7izkyz+IqzyC2PqhCX7y+d1qFbhHwlpEVY5sFO/4JK9Q5bDXWiV/QVIBm1IFv/QGha/Z8mbag3LARb5xr/fb2P999f/ijqBA/gi+2sQEP414AxwKln8gwgLtuI9tkMS1gBTFZt8sz+fGe+d2bHvkLG9iGR/1mwmeor4D+NCJPxtcYVcPN0Jy9gqyyCxWdnCK2IrDvgXNciK6otbJ/F+lSSq/Vmzc+unrztKPPuzJDVR/OPxrJu+ePjbEJ1d6FjDKrIVdsR2sq/F4KNn6r7Eu0PmFnnnK69+FuLZnx0X4yMR7jD212MYcjZZ+7sQVilbibBCro/e+06dcGV/75dEK4XJ4t86Jaxiq9iE5fJBh3vUrDDqhLm7eqTwBIiSvUN6LhvZXwNUSA2oRm32VGz8Oy+BdoRVw1axCcvQdE8JPXHvLBaVsAaoYcW+4DoD69lR9tcAFe8+5waNjX9nF1qkhPVsNQxh1cxiv6eiEla/ppZqk/2lsOQaIxWwZmAtJHv9+BJWI1tFnaTs9iseDrrng/ECrmQnzGcdIhPvDpkrVEda8/HsdwCa5Z1v9fUTMYD99QYEnk3Wfq+U0IetohKWoZ/dx2CbGwJnpaZ7VMLqnMDXGJw7FdX+LGdFWvDx7B+gABR7LQzgQjz8/a/hUslmwvJkq6iTVLrlqrSx1MkOjfEmLNIKz/kY+w4Z24tI9sc2281CJPvRP4wL8ewPdKEhJfRnq6iE1YFxArvEI6xAwzy7y35PoCKJCf9IwDZEWHztxn3zptGCqU9S1sGp+xL1Dtl4JYQLyP5wDEM0JIt/Q4TVyuepL/JZIqypz4Xsb7X0ehdOFv+GCMsfiJW/+9UPws/790hd8jfP/+PA3/6TupUV9iV7h6ywN98s+/OIDPt3svjP7dy5Ezblg4n1B/UCv33hn8NCOsRof/3lT2+zGWIwjSEEhEATAguXLFnSJON3/oUfxKYbkuSctIBx69atfs4nJ/X666+vW7cuObO8DZL93lBFEUwW/z5rWFGQk1IhIASEwM8IiLB0LQgBITAZBERYk5kqGSoEhIAIS9eAEBACk0HAi7DslcThPs3NzYUrkQYhIATmLQIN+7C6vQ4BYsrt4yi2VCFupFbcBlLVntVTlMlRZFFtlRlqFwJCIEEEvCKstnbDC1mm8GertgPl2KqUj2h0nxx/hQynvkJACAyPQANhZV8+1a9xjjvsgP9dS47vGLdIeSbv/kemlK1qbM72dUPXyOuUEBACoyPQkBJ2ts9Ix/2f05MjoCIf1Y+blW/b1zTnNNQPp7NCQAgkgkAswqpxr0gxxeAoy3RF+RrlxVPZ6Kk4EPLFgK6oRC1CQAikgEBEwioNrwLZpwNkjqSyzNVBj7oIASEwOgIRCavUt1IWK5WsaczGRKVBU01fnRICQmC6CAxNWCDlyVmOlYqU1C1MqxpXkdd0L19ZPt8QGIGw/DmrajKyEZZp43/HO3ZQpLmstlyMJs6qglrtQiApBLwIq/PPPeRYI/unO/aRMcicZC7Csj9LGcpfeVKzImOEgBAoRcCLsEp7znbjzLzYa7anSd7NNwQmSVjZhI4JK42tOk/kT+96/rm/mKszkuooBHpHYJKE1TtJ9Ut5vU+SFAoBIWAILDx+/Hj9q9zd695Z1TWSpi4XnkwO5WI8xbtiJ+eFGTxdy2V/CpdcmtfPwr7e/D2TP0LBddMXPgNfgsm+k9sTB9nvCVQksWTx7y0lJDZ55JFHpvurDZEmXmqFgBDoEYHeCKtHm8ZVZVlhsneYccHR6EJgXAQaXi8zrnEaXQgIASGQRUCEpetBCAiBySAgwprMVMlQISAEmmtYmzZtMpi2b98uvISAEBACIyLQQFiwleOp7PGIFmtoISAE5i0CDSmhoqp5e2XIcSGQIAINhJWgxTJJCAiBeYuAL2EpH5y3l4gcFwLpIOBFWGKrdCZMlgiB+YzA/wF9UBTizpenCwAAAABJRU5ErkJggg==" /><br />
<br />
5. This code will skip Capital "I", Capital "O", small letter "l", small letter "o" because I use this code to generate random password. In order to avoid confuse, I decide to remove these letter.<br />
<br />
*<br />
<br />
Public Function RandomizeF()<br />
<br />
Dim Rand As String<br />
Application.Volatile<br />
<br />
Do<br />
'i = i + 1<br />
Randomize<br />
a = Int((85) * Rnd + 38)<br />
If a >= 49 And a <= 57 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 65 And a <= 72 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 74 And a <= 78 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 80 And a <= 90 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 97 And a <= 107 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 109 And a <= 110 Then<br />
Rand = Rand & Chr(a)<br />
ElseIf a >= 112 And a <= 122 Then<br />
Rand = Rand & Chr(a)<br />
End If<br />
Loop Until Len(Rand) = 8<br />
RandomizeF = Rand<br />
End Function<br />
<br />
<br />
<br />
--- 墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-69070879792034739042015-03-27T18:45:00.000+08:002015-03-27T18:45:42.279+08:00Install VMware workstation 11 on Fedora 21 with kernel 3.17Here is some solutions which might be able to help you during your VMware workstation 11 installation on Fedora 21 with kernel 3.17.<br />
<br />
1. When you try to power on a virtual guest, you received error : "Unable to change virtual machine power state internal error".<br />
<br />
Change the option <span style="font-size: large;"><b>mks.enable3d</b></span> in the .vmx file from <span style="font-size: large;"><b>TRUE</b></span> to <b><span style="font-size: large;">FALSE</span></b>.<br />
<br />
<i>mks.enable3d = FALSE</i><br />
<br />
2. When you try to power on a virtual guest, you received error: "Version mismatch with vmmon module: expecting xxx.x, got yyy.y. You have an incorrect version of the 'vmmon' kernel module.<br />
<br />
Try command below, these steps will help to patch vmnet source code:<br />
<br />
<i><span style="font-size: small;"># curl http://pastie.org/pastes/9934018/download -o /tmp/vmnet-3.19.patch<br /># cd /usr/lib/vmware/modules/source<br /># tar -xf vmnet.tar<br /># patch -p0 -i /tmp/vmnet-3.19.patch<br /># tar -cf vmnet.tar vmnet-only<br /># rm -rf *-only<br /># vmware-modconfig --console --install-all</span></i><br />
<br />
3. When you try to power on a virtual guest, you received error: "Failed to open device "/dev/vmci" : No such file or directory. Please make sure that the kernel module 'vmci' is loaded."<br />
<br />
<br />
Execute the following command to build and install vmci module: <br />
<br />
<i>#vmware-modconfig --console --build-mod vmci<br /># vmware-modconfig --console --install-all</i><br />
<br />
4. When you issue command "<b>vmware-modconfig --console --install-status</b>" at the command prompt and you found that vsock status is not <b>installed</b>.<br />
<br />
If you try to use command "<b>vmware-modconfig --console --build vsock</b>" to build vsock module at the command prompt, you see some error like:<br />
<br />
<b>error: too many arguments to function ‘sk->sk_data_ready’</b><br />
<b>sk->sk_data_ready(sk, 0);</b><br />
<br />
Try the steps below to patch the vsock source code:<br />
<br />
<i><span style="font-size: small;"># curl https://raw.githubusercontent.com/rasa/vmware-tools-patches/master/patches/vsock/01-vsock-sk_data_ready-kernel-3.15-tools-9.6.2.patch -o /tmp/vsock.patch<br /># cd /usr/lib/vmware/modules/source<br /># tar -xf vsock.tar<br /># patch -p0 -i /tmp/vsock.patch<br /># tar -cf vsock.tar vsock-only<br /># rm -rf *-only</span></i><br />
<i><span style="font-size: small;"></span><span style="font-size: small;"># vmware-modconfig --console --build vsock</span><span style="font-size: small;"><br /># vmware-modconfig --console --install-all</span></i><br />
<br />
After you try steps above, when you issue command "<b>vmware-modconfig --console --install-status</b>", you should the result should be like the below:<i><span style="font-size: small;"> </span></i><br />
<br />
<i><span style="font-size: small;">vmmon: installed<br />vmnet: installed<br />vmblock: unknown<br />vmci: installed<br />vsock: installed</span></i><br />
<i><span style="font-size: small;"><br /></span></i>
This is the result after I fix all the error that I get.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8cac5DkXWhDU6l1YtJAOW3whSDbuJ5mkNrIiWpFkSGrePsOjaBjb210xNb5l8cfGHjR1i-umVryAOLnt3TvFz_8h8ihl5k-2r8wVh4Pyvr8EzdsawPy2HMGKNLD2k8NRSLzFX0FDhQ78/s1600/Vmware+Workstation+11.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8cac5DkXWhDU6l1YtJAOW3whSDbuJ5mkNrIiWpFkSGrePsOjaBjb210xNb5l8cfGHjR1i-umVryAOLnt3TvFz_8h8ihl5k-2r8wVh4Pyvr8EzdsawPy2HMGKNLD2k8NRSLzFX0FDhQ78/s1600/Vmware+Workstation+11.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">VMware Workstation Running on Fedora 21 with Kernel 3.17.8</td></tr>
</tbody></table>
Wish this solution will be able to help you on your VMware Workstation 11 installation.<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-16186446581988009672014-05-04T20:59:00.000+08:002014-05-04T20:59:11.780+08:002 Steps to Perform SSH Login Without Password Using ssh-keygen & ssh-copy-idStep 1: Create public and private keys using ssh-key-gen on local-host<br />
<br />
<br />
<br />
#ssh-key-gen<br />
(Press enter three times)<br /><br />Step 2: Copy the public key to remote-host using ssh-copy-id<br />
<br />
#ssh-copy-id -i ~/.ssh/id_rsa.pub <i>remote-host</i><br />
(Replace remote-host with ip address or server name)<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-56561405814040620242014-03-02T13:53:00.000+08:002014-03-02T13:53:18.260+08:00Fedora 20 with kernel 3.13 fail to install vmplayer moduleJust upgrade my fedora to Fedora 20 and found that vmware player not able to install the module.<br />
<br />
It end with this error.<br />
<blockquote class="tr_bq">
<i>...</i></blockquote>
<blockquote class="tr_bq">
<i>/tmp/modconfig-rHN4Kj/vmnet-only/filter.c:206:1: error: conflicting types for ‘VNetFilterHookFn’<br /> VNetFilterHookFn(unsigned int hooknum, // IN:<br /> ^<br />/tmp/modconfig-rHN4Kj/vmnet-only/filter.c:64:18: note: previous declaration of ‘VNetFilterHookFn’ was here<br /> static nf_hookfn VNetFilterHookFn;<br /> ^<br />/tmp/modconfig-rHN4Kj/vmnet-only/filter.c:64:18: warning: ‘VNetFilterHookFn’ used but never defined [enabled by default]<br />/tmp/modconfig-rHN4Kj/vmnet-only/filter.c:206:1: warning: ‘VNetFilterHookFn’ defined but not used [-Wunused-function]<br /> VNetFilterHookFn(unsigned int hooknum, // IN:<br /> ^<br />make[2]: *** [/tmp/modconfig-rHN4Kj/vmnet-only/filter.o] Error 1</i> </blockquote>
<blockquote class="tr_bq">
... </blockquote>
After google, some say this error cause by the <b>Nefilter</b> selected with the kernel compilation options. And I believe most of the distro kernel will have this option selected.<br />
<br />
Here is the solution, I didn't manage to patch it using command patch, it keep saying malformed patch, so at the end I edit <b>filter.c</b> manually. But if you manage to figure out to format this patch correctly, please let me know.<br />
<br />
<blockquote class="tr_bq">
--- vmnet-only/filter.c 2013-10-18 23:11:55.000000000 +0400<br />+++ vmnet-only/filter.c 2013-12-03 04:16:31.751352170 +0400<br />@@ -27,6 +27,7 @@<br /> #include "compat_module.h"<br /> #include <linux mutex.h=""><br /> #include <linux netdevice.h=""><br />+#include <linux version.h=""><br /> #if COMPAT_LINUX_VERSION_CHECK_LT(3, 2, 0)<br /> # include <linux module.h=""><br /> #else<br />@@ -203,7 +204,11 @@<br /> #endif<br /><br /> static unsigned int<br />+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 13, 0)<br /> VNetFilterHookFn(unsigned int hooknum, // IN:<br />+#else<br />+VNetFilterHookFn(const struct nf_hook_ops *ops, // IN:<br />+#endif<br /> #ifdef VMW_NFHOOK_USES_SKB<br /> struct sk_buff *skb, // IN:<br /> #else<br />@@ -252,7 +257,14 @@<br /><br /> /* When the host transmits, hooknum is VMW_NF_INET_POST_ROUTING. */<br /> /* When the host receives, hooknum is VMW_NF_INET_LOCAL_IN. */<br />- transmit = (hooknum == VMW_NF_INET_POST_ROUTING);<br />+<br />+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 13, 0)<br />+ transmit = (hooknum == VMW_NF_INET_POST_ROUTING);<br />+#else<br />+ transmit = (ops->hooknum == VMW_NF_INET_POST_ROUTING);<br />+#endif<br />+<br /> packetHeader = compat_skb_network_header(skb);<br /> ip = (struct iphdr*)packetHeader;</linux></linux></linux></linux></blockquote>
<br />
Here is the steps<br />
<br />
# tar xf /usr/lib/vmware/modules/source/vmnet.tar<br /># cd vmnet-only<br /># patch -p1 < patch.patch <b>(If you manage to format the patch correctly)</b><br />
# vim filter.c <b>(Edit the file manually and modify accordingly)</b><br /># cd ..<br /># tar -cvf vmnet.tar vmnet-only/<br /># cp vmnet.tar /usr/lib/vmware/modules/source/<br />
<br />
then issue this command to compile and install the vmware player module<br /><br /># sudo vmware-modconfig --console --install-all<br />
<br />
This should be able to solve the issue and your vmware player will be launch successfully.<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-20731074988370942282013-08-04T09:24:00.001+08:002013-08-04T09:24:35.472+08:00Fedora 19 with kernel 3.10 fail to install vmplayer module.If you are having problem start up vmware player on Fedora 19 after upgrade kernel to 3.10, here is the solution.<br />
<br />
Basically it is due to the procfs interface and vmnet not able to compiles.<br />
<br />
First download the procfs patch from <a href="http://communities.vmware.com/thread/446113?start=0&tstart=0">http://communities.vmware.com/thread/446113?start=0&tstart=0</a> .If you don't have time to read the forum, here is the <a href="http://communities.vmware.com/servlet/JiveServlet/download/2239207-108590/procfs.patch">link</a> of the procfs patch.<br />
<br />
Or you can use the following command:<br />
<br />
# tar xf /usr/lib/vmware/modules/source/vmnet.tar<br />
# cd vmnet-only<br />
# wget http://communities.vmware.com/servlet/JiveServlet/download/2239207-108590/procfs.patch<br />
# patch -p1 < procfs.patch<br />
# cd ..<br />
# tar -cvf vmnet.tar vmnet-only/<br />
# cp vmnet.tar /usr/lib/vmware/modules/source/<br />
<br />
<br />
This will patch the procfs interface.<br />
<br />
Secondly download the vmnet patch from <a href="http://mysticalzero.blogspot.com/2013/07/vmblock-patch-for-linux-310-vmware.html">http://mysticalzero.blogspot.com/2013/07/vmblock-patch-for-linux-310-vmware.html</a>. The link of the patch is <a href="https://sites.google.com/site/mysticalzerotmp/vmblock.3.10.patch">here</a>.<br />
<br />
Or you can use the following command:<br />
<br />
# tar xf /usr/lib/vmware/modules/source/vmblock.tar<br /># cd vmblock-only<br /># wget https://sites.google.com/site/mysticalzerotmp/vmblock.3.10.patch<br /># patch -p1 < vmblock.3.10.patch<br /># cd ..<br /># tar -cvf vmblock.tar vmblock-only/<br /># cp vmblock.tar /usr/lib/vmware/modules/source/<br />
<br />
then issue this command to compile and install the vmware player module<br />
<br />
# sudo vmware-modconfig --console --install-all<br />
<br />
I believe these steps not only work on Fedora 19, it should work on most of the Linux distro with kernel 3.10.<br />
<br />
Please let me know if these steps didn't work for your linux.<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com25tag:blogger.com,1999:blog-2338727879749368048.post-67864168403123880712013-07-21T01:31:00.001+08:002013-07-21T01:33:34.900+08:00Download Vmware tools DirectlyIf you would like to download Vmware tools directly for any reason. Here is the path:<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUPjRQamMmgMppjVaNS3uc-TxlpU-TYnET1J23556LgM9j2B7mgroLYJ_XHZCmlE0NupX6q8YkDe1oicq490yri72f46cRqVQFMNAKLy6NHL1Om0ZnIp22yv_MUSqp9CWGJbnMHqDVnWs/s1600/6a00d8341c328153ef01310f2f9f72970c-pi.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUPjRQamMmgMppjVaNS3uc-TxlpU-TYnET1J23556LgM9j2B7mgroLYJ_XHZCmlE0NupX6q8YkDe1oicq490yri72f46cRqVQFMNAKLy6NHL1Om0ZnIp22yv_MUSqp9CWGJbnMHqDVnWs/s320/6a00d8341c328153ef01310f2f9f72970c-pi.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Vmware Tools</td><td class="tr-caption" style="text-align: center;"><br /></td></tr>
</tbody></table>
<br />
For ESX/ESXi server:<br />
<br />
<a href="http://packages.vmware.com/tools">http://packages.vmware.com/tools</a><br />
<br />
For Vmware Player:<br />
<br />
<a href="https://softwareupdate.vmware.com/cds/vmw-desktop/player/">https://softwareupdate.vmware.com/cds/vmw-desktop/player/</a><br />
<br />
For Vmware Workstation:<br />
<br />
<a href="https://softwareupdate.vmware.com/cds/vmw-desktop/ws/">https://softwareupdate.vmware.com/cds/vmw-desktop/ws/</a><br />
<br />
From the URLs above, you will be able to download latest VMware tools which are available to public.<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-18431177301387982922013-05-13T23:40:00.003+08:002013-05-13T23:40:50.591+08:00NetBean IDE 7.3 : FTP Connection reset errorI am using windows 7 32bits, Java 1.7 and 1.6 was installed.<br />
<br />
Whenever I try to upload with NetBean, the log will show that log in successfully, but whenever try to upload or sync file, it will prompt error : Connect Reset. If I am using other FTP client will not get this error.<br />
<br />
This is due to bug when using Java to perform FTP task.<br />
<br />
All you need to do is open up the command and execute the command:<br />
<br />
<b><code>netsh advfirewall set global StatefulFTP disable</code></b><br />
<br />
<code>This should resolve the issue.</code><br />
<br />
<br />
<br />
<code>--- </code><b><code> </code></b>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-6213289793797605922013-04-05T16:31:00.001+08:002013-04-05T16:31:27.327+08:00Trim MP4Use the following command to trim a MP4 file.<br />
<br />
ffmpeg -ss 00:02:45 -t 00:04:00 -i <b>source.mp4</b> -c copy <b>output.mp4</b><br />
<br />
Explanation:<br />
<br />
-ss 00:02:45 : You can trim the video from beginning ( set this parameter to 00:00:00) or in the middle. In this example, the output will start from 2mins and 45 seconds from the original video.<br />
<br />
-t 00:04:00 : duration that need. In this example, the output will start from 02:45 of the source video and stop at 06:45.<br />
<br />
-c copy : use the same codec with the source file墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-12206046846544811562013-04-05T16:26:00.001+08:002013-04-05T16:26:31.813+08:00Convert FLV to MP4Use the following command to convert FLV file to MP4.<br />
<br />
ffmpeg -i <b>source.flv</b> <b>output.mp4</b><br />
<br />
If you received error (<span style="color: red;">Codec is experimental but experimental codecs are not enabled, try -strict -2</span>) when trying to use the command above, you can try<br />
<br />
ffmpeg -i <b>source.flv</b> -strict -2 <b>output.mp4</b><br />
<br />
If you would like to change the bit rate, you can add in <b>ar</b> option.<br />
<br />
ffmpeg -i <b>source.flv</b> -ar 22050 <b>output.mp4</b>墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-73503999906327027052013-01-31T11:34:00.002+08:002013-01-31T11:34:44.911+08:00VMware Tools Cannot Find Kernel-Headers on Fedora 18 x64After you upgrade to Fedora 18, whenever you try to install vmware tool, you will receive the following error. <br />
<br />
Searching for a valid kernel header path...<br />The path "" is not a valid path to the <span style="color: blue;"><b>3.7.4-204.fc18.x86_64</b></span> kernel headers.<br />Would you like to change it? [yes] <br />
<br />
I believe you already got kernel header, so all you need is to link the header file by using the following command<br />
<br />
ln /usr/src/kernels/<span style="color: blue;"><b>3.7.4-204.fc18.x86_64</b></span>/include/generated/uapi/linux/version.h /lib/modules/<span style="color: blue;"><b>3.7.4-204.fc18.x86_64</b></span>/build/include/linux/<br />
<br />
Launch the vmware-config-tool.pl again, the error will gone.<br />
<br />
<br />
<br />
---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-53300584866281434652011-08-09T10:28:00.001+08:002011-08-09T10:28:52.151+08:00Mount Blue Ray in linuxmount -o loop -t udf pathtobluray.iso /media/cdrom墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-47248077918266385612011-07-14T10:38:00.000+08:002011-07-14T10:42:49.068+08:00SLES LDAP Failure - repair corrupted ldap directoryPreviously I had one post about repairing the openldap database in CentOS -<a href="http://install-manual.blogspot.com/2010/08/repair-openldap-database.html">Repair Openldap database</a>.<br /><br />Now this command will be suitable for SLES<br /><br />/etc/init.d/ldap stop<br />db_recover -h /var/lib/ldap<br /><br />Restart the server should be fine.<br /><br /><br /><br />---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-21256211088942182692011-05-26T18:37:00.001+08:002011-05-26T18:51:27.372+08:00Radius and WIndows Mount FolderIn Linux , if we need to troubleshoot Radius connect , we will need radtest. We can get this tool but install freeradius2-util package.<br /><br />The usage of radtest :<br /><br />radtest<span style="color: rgb(255, 0, 0);"> </span><span style="font-style:italic;"><span style="color: rgb(255, 0, 0);">ldapuser</span><span style="color: rgb(0, 0, 153);"> ldapuser-password</span></span><span style="font-style: italic;"><span style="color: rgb(0, 0, 153);"> </span><span style="color: rgb(0, 102, 0);">localhost</span> <span style="color: rgb(153, 51, 153);">2</span> <span style="color: rgb(51, 0, 153);">testing123</span><br /><br /></span><span style="color: rgb(255, 0, 0);"> </span><span style="font-style: italic;"><span style="color: rgb(255, 0, 0);">ldapuser</span></span> : Radius User name<span style="font-style: italic;"><br /><br /></span><span style="font-style:italic;"><span style="color: rgb(0, 0, 153);"> ldapuser-password</span></span><span style="font-style: italic;"><span style="color: rgb(0, 0, 153);"> </span></span> : Radius User Password<br /><br /><span style="font-style: italic;"><span style="color: rgb(0, 102, 0);">localhost :</span></span> IP or host name of the radius server , you can specific the port number by adding <span style="font-style: italic; font-weight: bold;">:portnumber</span> behind.<br /><br /><span style="font-style: italic;"><span style="color: rgb(153, 51, 153);">2 </span></span>: Port number use to connect the radius server. Any integer would do.<br /><br /><span style="font-style: italic;"><span style="color: rgb(51, 0, 153);">testing123</span></span> : Radius client share password<br /><br />*<br /><br />In Windows , if you would like to mount a folder or path as driver letter, you can use the command : subst<br /><br /><b></b>subst<span style="font-style: italic;"><span style="color: rgb(204, 0, 0);"> e:</span> <span style="color: rgb(0, 0, 153);">c:\imagefdr</span></span><br /><br /><span style="font-style: italic;"><span style="color: rgb(204, 0, 0);"> e: </span></span>: Driver letter<span style="font-style: italic;"><span style="color: rgb(204, 0, 0);"><br /><br /></span></span><span style="font-style: italic;"><span style="color: rgb(0, 0, 153);">c:\imagefdr </span></span>: Path<br /><br />Use command subst e: /D to remove the mount drive letter e.<br /><br /><br /><br />---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0tag:blogger.com,1999:blog-2338727879749368048.post-1171489433700627752011-03-29T17:19:00.000+08:002011-03-29T17:20:47.852+08:00DocumentRoot does not existIf you’re using Red Hat Enterprise Linux (RHEL) or one of it’s variants (CentOS, etc.), you may have noticed that using a non-standard document root for your Apache-based web site results in a DocumentRoot does not exist warning if the directory exists. The most likely cause of this problem is SELinux.<br /><br />The fix for the problem is to change the security context of your new DocumentRoot to match that of the system’s original document root. Here’s how:<br /><br />$ ls -la --context /var/www/html<br />drwxr-xr-x root root system_u:object_r:httpd_sys_content_t .<br />$ chcon -R system_u:object_r:httpd_sys_content_t /new/docroot<br /><br />Obviously, /new/docroot in the example above should be the path to your document root.<br /><br />From http://slaptijack.com/system-administration/warning-documentroot-does-not-exist/<br /><br /><br /><br />---墮天使 - 祥http://www.blogger.com/profile/11562784951398754760noreply@blogger.com0