Re: [gentoo-user] Your opinion on jpeg encoders, please
On Mon, Jan 4, 2021 at 2:38 PM Frank Steinmetzger wrote: > > Hi all, > > this is not really a Gentoo-specific question, but some of you know your way > around stuff, so here goes. > > When I edit photos, I like to shrink and recompress them to save on space, > but not mangle them too much in the process to lose quality. So for average > images I tend to use a quality setting between 80 and 86, very bad shots > such as defocussed or blurred ones just 70. And for the really good ones > (crystal sharp, portraits, extraordinary motives etc) 90 and more. > > In the far past I’ve been using Gimp, but for some years now mostly Showfoto > (the editor from Digikam) due to its more useful photo enhancement features. > > However I noticed that the latter procuces larger files for the same quality > setting. So currently, I first save with a very high setting from Showfoto > and then recompress the whole directory in a one-line-loop using > imagemagick’s convert. I have the impression that it produces far smaller > files at the same visual quality. > > > Now I know that one can’t fully compare quality settings of different > encoders, but it started me wondering: which is really “better”? Or maybe > just a little more enhanced, or up-to-date from an algorithmic standpoint? > > Just because many distros and tools use libjpeg, that doesn’t mean it’s the > best one out there. Gimp, showfoto and convert use different encoders, > because compressing the same PNG with the same JPEG setting does not result > in three identical files. > > Does any of you have an opinion on that matter? > Cheers. > > -- > Gruß | Greetings | Qapla’ > Please do not share anything from, with or about me on any social network. > > What do you call a man with a seagull on his head? – Cliff. This topic comes up a lot with astrophotography. I took about 150 24M pixel shots last night. It uses a lot of disk space. >From my reading - which isn't a lot - it seems to be technically superior to simply downsample the original and then compress with jpeg if you need to go that far vs using higher jpeg compression ratios on the original. I have no data to back this up and it probably depends a lot on your source material so YMMV but it's an option. HTH, Mark
Re: [gentoo-user] preventing some IP's from from being logged in apache
On 12/01/2021 17:11, the...@sys-concept.com wrote: I wish they design blocking by country easier. Unfortunately, IPv4 in particular, blocking by country is pretty much impossible because - due to demand pressure - addresses are scattered pretty much randomly. Especially with class A or B addresses, they might belong to a multi-national and be scattered all over the world, subnets might have been sold off, the rich world has bought a lot of addresses from the poor world, hacks might originate in country A but be carried out from a hijacked system in country B. Etc etc. All these protocols etc originated in a much kinder era, and aren't designed to withstand abuse. Cheers, Wol
Re: [gentoo-user] preventing some IP's from from being logged in apache
On 12 January 2021 18:11:34 CET, the...@sys-concept.com wrote: >On 1/11/21 11:32 PM, J. Roeleveld wrote: >[snip] >> If you blocked the IP in the firewall, it shouldn't show in the log. >> >> Add iptables to the webserver and block that IP. >> Personally, I would block the whole range (45.93.201.0/24), which is >either >> linked to Cyprus or Russia (according to whois) >> >> Any block in the apache-config might fail due to a bug or new >configuration. >> >> -- >> Joost > >Asus routers don't have capabilities to block external IP's (I need to >find a better router). >Blocking that IP range in apache works, all the IPs I blocked are >getting 403 error (regardless what they type) >but you might be right, apache 2.4 > SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog (does not work). > >I wish they design blocking by country easier. Asus routers do allow blocking IPs, but it might be less than ideal. I would add a firewall to your webserver and block the full ranges using that. Any bug in apaches blocking WILL leave you open to a hack. -- Joost -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: [gentoo-user] preventing some IP's from from being logged in apache
On 1/11/21 11:32 PM, J. Roeleveld wrote: [snip] > If you blocked the IP in the firewall, it shouldn't show in the log. > > Add iptables to the webserver and block that IP. > Personally, I would block the whole range (45.93.201.0/24), which is either > linked to Cyprus or Russia (according to whois) > > Any block in the apache-config might fail due to a bug or new configuration. > > -- > Joost Asus routers don't have capabilities to block external IP's (I need to find a better router). Blocking that IP range in apache works, all the IPs I blocked are getting 403 error (regardless what they type) but you might be right, apache 2.4 SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog (does not work). I wish they design blocking by country easier.
Re: [gentoo-user] Re: Your opinion on jpeg encoders, please
On Mon, 11 Jan 2021 20:26:26 +0100, Frank Steinmetzger wrote: > > > You lose some extra quality when doing this due to recompression. > > > What you should do is save in a lossless format (like png or bmp) > > > and then convert that to jpg. > > But that would lose a lot of EXIF stuff in the process. I know that > recompression reduces quality, that’s why I use a very high setting > (98…100) for the intermediate file. PNG supports EXIF tags, or you could use lossless JPEG. -- Neil Bothwick Top Oxymorons Number 39: Almost exactly pgpEB1U5Ippw1.pgp Description: OpenPGP digital signature
Re: [gentoo-user] Re: Screen/driver/xserver freezing after suspension
Thanks. I've tried to enable suid flag but unfortunately with no luck ;) Igor On Mon, 11 Jan 2021 18:58:14 - (UTC) Holger Hoffstätte wrote: > On Mon, 11 Jan 2021 15:01:41 +0100, J. Roeleveld wrote: > > > On Monday, January 11, 2021 2:22:27 PM CET Holger Hoffstätte wrote: > >> On Mon, 11 Jan 2021 13:49:35 +0100, Igor Mróz wrote: > >> > I don't really know - I haven't installed anything. Now I'm not really > >> > sure if this is problem with suspension or just screen resuming after > >> > "turning" it off. I also don't have Nvidia card. > >> > > >> > Igor > >> > >> Try running xorg-server with +suid. > > > > That should not be necessary for suspend/resume. > > I have that flag disabled (as per default) on my laptop and that one gets > > suspended regularly. > > That's great, and yet for me wakeup from suspend does not work properly > with my old r600 Radeon card using xf86-video-ati and xorg-server -suid. > There are other people who have the same issue after the xorg-server > migration to elogind, hence the suggestion. > > -h > > pgpa4kbVqxp_q.pgp Description: OpenPGP digital signature
Re: [gentoo-user] preventing some IP's from from being logged in apache
--"Fascism begins the moment a ruling class, fearing the people may use their political democracy to gain economic democracy, begins to destroy political democracy in order to retain its power of exploitation and special privilege." Tommy Douglas Jan 11, 2021, 17:09 by the...@sys-concept.com: > On 1/11/21 5:00 PM, the...@sys-concept.com wrote: > >> On 1/11/21 4:41 PM, Michael wrote: >> >>> On Monday, 11 January 2021 23:05:55 GMT the...@sys-concept.com wrote: >>> I've one persistent user (Russian IP) that is populating my apache log files. I tried 00_mod_log_config.conf SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog CustomLog /var/log/apache2/deflate_log deflate env=!dontlog CustomLog /var/log/apache2/access_log common env=!dontlog But I still see this IP in my access_log. >>> >>> If it is the same IP address persistently attacking the server, I would be >>> tempted to block it, or the whole /24 subnet it belongs to, at the >>> perimeter >>> firewall. Of course, persistent actors will hop off another IP address, so >>> there are diminishing returns in this game. >>> >> >> I did block this IP and it is working >> Require not ip 45.93.201.0/24 >> >> I hardly resolve to blocking IP from log files, but if they try to >> ping/access your network 4 or 5 per second your log files will tend to grow. >> SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog >> didn't work. >> >> Just today from about 7am to 4pm about 96K pings from this IP. >> > > I forgot to mention, my firewall doesn't have any capabilities to enter any > configuration in IP tables. > Maybe I'll look for one that does. > That would be the thing to do. You want everything logged, so you know what is happening. If you blocked the logging how would you know if they made progress. You want to know when people are trying to break in, and you want to know when their tactics change. Not logging it is like plugging your' ears and closing your' eyes while the battering ram is pounding your' door...