specify the Java compiler version in pom.xml

For example, if you want to use the Java 8 language features (-source 1.8) and also want the compiled classes to be compatible with JVM 1.8 (-target 1.8), you can either add the two following properties, which are the default property names for the plugin parameters:

<project>
  [...]
  <properties>
    <maven.compiler.source>1.8</maven.compiler.source>
    <maven.compiler.target>1.8</maven.compiler.target>
  </properties>
  [...]
</project>

or configure the plugin directly:

<project>
  [...]
  <build>
    [...]
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.7.0</version>
        <configuration>
          <source>1.8</source>
          <target>1.8</target>
        </configuration>
      </plugin>
    </plugins>
    [...]
  </build>
  [...]
</project>

@reference_1_stackoverflow.com
How do you specify the Java compiler version in a pom.xml file?
@reference_2_stackoverflow.com
Specifying java version in maven - differences between properties and compiler plugin
@reference_3_maven.apache.org
Setting the -source and -target of the Java Compiler

import static in Java

example.

import java.lang.Math;

class WithoutStaticImports {

 public static void main(String [] args) {
  System.out.println("round " + Math.round(1032.897));
  System.out.println("min " + Math.min(60,102));
 }
}

Same code, with static imports:

import static java.lang.System.out;
import static java.lang.Math.*;

class WithStaticImports {
  public static void main(String [] args) {
    out.println("round " + round(1032.897));
    out.println("min " + min(60,102));
  }
}

Note: static import can make your code confusing to read.

@reference_1_stackoverflow.com 

What does the “static” modifier after “import” mean?

Can't execute jar- file: “no main manifest attribute”

For Maven, something like the following snippet should do the trick. Note that this is only the plugin definition, not the full pom.xml:

<build>
  <plugins>
    <plugin>
      <!-- Build an executable JAR -->
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-jar-plugin</artifactId>
      <version>3.0.2</version>
      <configuration>
        <archive>
          <manifest>
            <addClasspath>true</addClasspath>
            <classpathPrefix>lib/</classpathPrefix>
            <mainClass>com.mypackage.MyClass</mainClass>
          </manifest>
        </archive>
      </configuration>
    </plugin>
  </plugins>
</build>

@reference_1_stackoverflow.com

Eclipse/Maven error: “No compiler is provided in this environment”

Go to Window → Preferences → Java → Installed JREs.

And see if there is an entry pointing to your JDK path, and if not, click on Edit button and put the path you configured your JAVA_HOME environment.

@reference_1_stackoverflow.com 

Import Projects from Git

Eclipse platform requires a .project file to import files into the workbench. EGit allows to add repositories which don't contain .project files but you have to create them in order to import them into the Eclipse workbench. This can be done using the following commands:

from (Project, Package, ...) explorer views
- Import... > Git > Projects from Git
- Import... > Git > Projects from Git (with smart import) if you installed the experimental feature "Git Team Provider - experimental auto-import (Incubation)"
from Git repositories view:
- add or clone repository
- then select the repository node and click "Import projects"

@reference_1_eclipse.org 
Possible to use Egit on legacy code without .project. .cproject

Ubuntu-16-04下Shadowsocks服务器端安装及优化

@reference_1_polarxiong.com

read() method return -1 when reach the End of Stream

read()

The read() method of an InputStream returns an int which contains the byte value of the byte read. Here is an InputStream read() example:

int data = inputstream.read();

You can case the returned int to a char like this:

char aChar = (char) data;

Subclasses of InputStream may have alternative read() methods. For instance, the DataInputStream allows you to read Java primitives like int, long, float, double, boolean etc. with its corresponding methods readBoolean(), readDouble() etc.

End of Stream

If the read() method returns -1, the end of stream has been reached, meaning there is no more data to read in the InputStream. That is, -1 as int value, not -1 as byte or short value. There is a difference here!
When the end of stream has been reached, you can close the InputStream.

@reference_1_tutorials.jenkov.com
Java IO: InputStream

Reading from a Socket

To read from a Java Socket you will need to obtains its InputStream. Here is how that is done:

Socket socket = new Socket("jenkov.com", 80);
InputStream in = socket.getInputStream();

int data = in.read();
//... read more data...

in.close();
socket.close();

Pretty simple, right?
Keep in mind that you cannot always just read from the Socket's InputStream until it returns -1, as you can when reading a file. The reason is that -1 is only returned when the server closes the connection. But a server may not always close the connection. Perhaps you want to send multiple requests over the same connection. In that case it would be pretty stupid to close the connection.
Instead you must know how many bytes to read from the Socket's InputStream. This can be done by either the server telling how many bytes it is sending, or by looking for a special end-of-data character.

@reference_2_tutorials.jenkov.com
Java Networking: Socket

Set no password for `su` in Ubuntu 17.04

1. Create new group: groupadd wheel
2. Add your user name: usermod -G wheel your_user_name
3. gedit /etc/pam.d/su

# Uncomment this if you want wheel members to be able to
# su without a password.
auth       sufficient pam_wheel.so trust

Set Java environment variables for all users --- Difference between `su` & `su -`

1.  gedit /etc/profile
2.  add:  export JAVA_HOME=/home/birdonwire/Develop/jdk1.8.0_144/
           export PATH=$JAVA_HOME/bin:$PATH
3.  restart or reopen shell or use source /etc/profile to apply changes immediately

Difference between `su` & `su -`:

Using `su` won't load /etc/profile

birdonwire@win-u5n0t6:~$ su
Password:
root@win-u5n0t6:/home/birdonwire# $PATH
bash: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games: No such file or directory
root@win-u5n0t6:/home/birdonwire#

However `su -` will load /etc/profile

birdonwire@win-u5n0t6:~$ su -
Password:
root@win-u5n0t6:~# $PATH
-su: /home/birdonwire/Bash/com:/home/birdonwire/Develop/jdk1.8.0_144/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin: No such file or directory
root@win-u5n0t6:~#


Q:   Then how to set persistent environment variables for root or all users?
A:   To create persistent variables that are truly system-wide, you should set them both in /etc/environment and /etc/profile .

If you only set environment variables in /etc/environment, `su - <root or other users>` won't  load /etc/environment, but will load /etc/profile , although `su` will load /etc/environment, won't load /etc/profile . Therefore, you have to set environment variables both in /etc/environment and /etc/profile to make sure all users are covered.


@reference_1_stackoverflow.com
How to set JAVA_HOME in Linux for all users
@reference_2_superuser.com

Adjusting $PATH in /etc/profile does not affect root

@reference_3_askubuntu.com 

How do I set persistent environment variables for root?

About using iptables owner match to block a specific application

iptables -A OUTPUT -m owner --gid-owner black -j REJECT

User name (uid) or group name (gid) won't help because these are the IDs of the user executing the application. Thus it would apply to all applications by that particular user and not just a single one.
Blocking a specific application is usually done by blocking all ports the application uses. But this only works if the user can't change the ports the application will use.

@reference_1_unix.stackexchange.com
Block specific application with iptables


Then how to establish a white-list mode using iptables owner match?

#Allow Loopback Connections
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

iptables -A OUTPUT -m owner --uid-owner current_login_user -j REJECT
iptables -A OUTPUT -m owner --uid-owner root -j REJECT
iptables -A OUTPUT -m owner --uid-owner other_users -j REJECT

1. block all the users using above commands
2. create a white-list user allowed to use network
3. start your program using the white-list user under your current login user

root privilege & execute permission

sudo chmod 000 xxx
execution of the script(or program) xxx under the root account will be denied.

sudo chmod 100 xxx
sudo chmod 001 xxx
sudo chmod 010 xxx
either command above will make the execution of the script(or program) xxx under the root account accepted.

Difference between `sh xxx.sh` & `./xxx.sh` commands in ubuntu

`sh xxx.sh` requires +r Permission
`./xxx.sh` requires +rx Permission


@reference_1_forum.ubuntu.org.cn
./和sh的区别

Install nmap on Ubuntu

1. Download
Back on your auditing machine, move into your home directory and use wget to download the link you pasted. Make sure to update the link below to reflect the most recent version you copied from the site:

cd ~

wget https://nmap.org/dist/nmap-7.60.tar.bz2

2. Decompress the file you downloaded and move into the resulting directory by typing:

tar xjvf nmap*

cd nmap*

3. Configure and compile the source code by typing:

./configure

make

4. Once the compilation is complete, you can install the resulting executables and supporting files on your system by typing:

sudo make install

5. Confirm your installation by typing:

nmap -V

The output should match the version you downloaded from the nmap website.

@reference_1_digitalocean.com
How To Test your Firewall Configuration with Nmap and Tcpdump
@reference_2_nmap.org
Source Code Distribution (in case you wish to compile Nmap yourself)

Install Wireshark on Ubuntu

1. Adding this PPA to your system

sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt-get update

2. Install Wireshark

sudo apt-get install wireshark

3. Allow non-root user to be able to sniff

sudo dpkg-reconfigure wireshark-common

select Yes and hit return. This adds a wireshark group. Anybody in that group will be able to sniff without being root.

4. Add user to wireshark group

sudo gedit /etc/group

Add your username to the wireshark group.

@reference_1_launchpad.net
Wireshark stable releases
@reference_2_askubuntu.com

How do I run wireshark, with root-privileges?

@reference_3_linuxidc.com
Ubuntu 16.04下安装网络流量分析工具 Wireshark

Install shadowsocks-libev from source on Ubuntu

1. Install the packages required：

mkdir shadowsocks-libev && cd shadowsocks-libev
apt-get install build-essential autoconf libtool libssl-dev \
  gawk debhelper dh-systemd init-system-helpers pkg-config git

2. Download the source code through git：
git clone https://github.com/shadowsocks/shadowsocks-libev.git
3. build shadowsocks-libev and all its dependencies by script:

mkdir -p ~/build-area/
cp ./scripts/build_deb.sh ~/build-area/
cd ~/build-area
./build_deb.sh

4.Edit /etc/shadowsocks-libev/config.json， configure as follows：

{
 "server":"X.X.X.X",
 "server_port":443,
 "password":"password",
 "timeout":300,
 "method":"aes-256-cfb"
}

5. Startup

Ubuntu/Debian Installed from deb package（Installed from deb package will implicitly activate self start-up）：
service shadowsocks-libev restart

@reference_1_github.com
@reference_2_github.com

Install Wine on Ubuntu 17.04

1. If you have disabled your system update options, enable them. Keep Ubuntu Up to date. Ubuntu automatically notifies when updates are available. (Important)

sudo apt-get update
sudo apt-get upgrade

Update: Synchronizes your list of available packages with the servers in source repositories. Upgrade: Downloads & installs any newer versions of your installed packages.

2. If your system is 64 bit, enable 32 bit architecture (if you haven't already):

sudo dpkg --add-architecture i386 

If you have previously installed a Wine package from another repository, please remove it and any packages that depend on it (e.g., wine-mono, wine-gecko, winetricks) before attempting to install the WineHQ packages, as they may cause dependency conflicts.

3.  Add the repository:

wget https://dl.winehq.org/wine-builds/Release.key
sudo apt-key add Release.key
sudo apt-add-repository 'https://dl.winehq.org/wine-builds/ubuntu/'

4. Update packages:

sudo apt-get update 

5.Then install one of the following packages:

Stable branch	sudo apt-get install --install-recommends winehq-stable
Development branch	sudo apt-get install --install-recommends winehq-devel
Staging branch	sudo apt-get install --install-recommends winehq-staging

If apt-get complains about missing dependencies, install them, then repeat the last two steps (update and install).

@reference_1_wiki.winehq.org
Ubuntu - Installing WineHQ packages
@reference_2_askubuntu.com
How do I resolve unmet dependencies after adding a PPA?


Other Advices:

1. Use aptitude instead of apt-get

Use aptitude instead of apt-get. It is more intelligent. It not only will handle downgrading conflicting packages for you, but will make a series of recommendations asking you which of many possible suggested working scenarios you would like.

sudo aptitude install myNewPackage

If you don't have aptitude on your machine yet, get it with

sudo apt-get install aptitude

2. Clean up your system

recommend trying the following commands.

sudo dpkg --configure -a
sudo apt-get install -f

Answer yes to any prompts and let apt-get try to resolve the issue for you.
EDIT:
try the following command it should clean up your system.

sudo sh -c "apt-get update;apt-get dist-upgrade;apt-get autoremove;apt-get autoclean"

3. Enable all the repositories

If the error shows something like this:
<some-package>: Depends: <other-package> (= version) but this-version is to be installed
Then make sure that the restricted and universe repositories are enabled. Hit Alt+F2, type software-properties-gtk in search bar and hit Enter.
Under Ubuntu Software tab, enable all the repositories.

 

 4. Remove or purge PPA

Use the --remove flag, similar to how the PPA was added:

sudo add-apt-repository --remove ppa:whatever/ppa

As a safer alternative, you can install ppa-purge:

sudo apt-get install ppa-purge

And then remove the PPA, downgrading gracefully packages it provided to packages provided by official repositories:

sudo ppa-purge ppa_name

Note that this will uninstall packages provided by the PPA, but not those provided by the official repositories. If you want to remove them, you should tell it to apt:

sudo apt-get purge package_name

You can also remove PPAs by deleting the .list files from /etc/apt/sources.list.d directory.

you can also disable or remove PPAs from the "Software Sources" section in Ubuntu Settings with a few clicks of your mouse (no terminal needed).

Do not forget to update with:

sudo apt-get update

To get a list of repositories apt-get is checking, run the following command:

apt-cache policy

5. Other solutions

• One possible cause of unmet dependencies could be corrupted package database, and/or some packages weren’t installed properly. To fix this problem, hit Alt+Ctrl+T to open terminal and try to run one of the following commands:
  

  sudo apt-get clean

  or,
  

  sudo apt-get autoclean

  apt-get clean clears out the local repository of retrieved package files (the .deb files). It removes everything but the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/. apt-get autoclean clears out the local repository of retrieved package files, but unlike apt-get clean, it only removes package files that can no longer be downloaded, and are largely useless.
• One of the most basic fixes to resolve dependencies problems is to run:
  

  sudo apt-get -f install

  The -f here stands for “fix broken”. Apt will attempt to correct broken dependencies. If you manually installed a package that had unmet dependencies, apt-get will install those dependencies, if possible, otherwise it may simply remove the package that you installed in order to resolve the problem.
  Then run:
  

  sudo dpkg --configure -a

  Then run this again:
  

  sudo apt-get -f install

  If the output is:
  0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
  That means it failed.
• Next solution is to run:
  

  sudo apt-get -u dist-upgrade

  If it shows any held packages, it is best to eliminate them. Packages are held because of dependency conflicts that apt cannot resolve. Try this command to find and repair the conflicts:
  

  sudo apt-get -o Debug::pkgProblemResolver=yes dist-upgrade

  If it cannot fix the conflicts, it will exit with:
  0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
  Delete the held packages one by one, running dist-upgrade each time, until there are no more held packages. Then reinstall any needed packages. Be sure to use the --dry-run option, so that you are fully informed of consequences:
  

  sudo apt-get remove --dry-run package-name

  Since removing the package you are trying to install may not be ideal, you might also try finding a repository that has the packages you need to satisfy the dependencies.

Finally, if all else fails, you can attempt to satisfy the dependencies yourself, either by finding and installing the necessary packages, or by installing them from source and then creating “deb” packages for them.

@reference_3_askubuntu.com
E: Unable to correct problems, you have held broken packages
@reference_4_askubuntu.com

How to fix dependencies / broken packages [duplicate]

@reference_5_askubuntu.com

How do I resolve unmet dependencies after adding a PPA?

@reference_6_askubuntu.com

How can PPAs be removed?

@reference_7_stackoverflow.com 

How to get a list of repositories apt-get is checking?

How iptables tables and chains are traversed

@reference_1_unix.stackexchange.com

How iptables tables and chains are traversed

@reference_2_iptables.info 

Chapter 6. Traversing of tables and chains

@reference_3_wikipedia.org 

Netfilter

@reference_4_thegeekstuff.com 

Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals

@reference_5_digitalocean.com 

A Deep Dive into Iptables and Netfilter Architecture

Iptables Chain Traversal Order

Netfilter Hooks

There are five netfilter hooks that programs can register with. As packets progress through the stack, they will trigger the kernel modules that have registered with these hooks. The hooks that a packet will trigger depends on whether the packet is incoming or outgoing, the packet's destination, and whether the packet was dropped or rejected at a previous point.
The following hooks represent various well-defined points in the networking stack:

• NF_IP_PRE_ROUTING: This hook will be triggered by any incoming traffic very soon after entering the network stack. This hook is processed before any routing decisions have been made regarding where to send the packet.
• NF_IP_LOCAL_IN: This hook is triggered after an incoming packet has been routed if the packet is destined for the local system.
• NF_IP_FORWARD: This hook is triggered after an incoming packet has been routed if the packet is to be forwarded to another host.
• NF_IP_LOCAL_OUT: This hook is triggered by any locally created outbound traffic as soon it hits the network stack.
• NF_IP_POST_ROUTING: This hook is triggered by any outgoing or forwarded traffic after routing has taken place and just before being put out on the wire.

Assuming that the server knows how to route a packet and that the firewall rules permit its transmission, the following flows represent the paths that will be traversed in different situations:

• Incoming packets destined for the local system: PREROUTING -> INPUT
• Incoming packets destined to another host: PREROUTING -> FORWARD -> POSTROUTING
• Locally generated packets: OUTPUT -> POSTROUTING

If we combine the above information with the ordering laid out in the previous table, we can see that an incoming packet destined for the local system will first be evaluated against the PREROUTING chains of the raw, mangle, and nat tables. It will then traverse the INPUT chains of the mangle, filter, security, and nat tables before finally being delivered to the local socket.

@reference_1_digitalocean.com
A Deep Dive into Iptables and Netfilter Architecture

Iptables Commands Examples

#Allow Loopback Connections
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#Allow Established and Related Incoming Connections
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
#Allow Established Outgoing Connections
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Internal to External
#iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

#Drop Invalid Packets
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP

#Block an IP Address
#iptables -A INPUT -s 15.15.15.51 -j DROP
#iptables -A INPUT -s 15.15.15.51 -j REJECT
#Block Connections to a Network Interface
#iptables -A INPUT -i eth0 -s 15.15.15.51 -j DROP

#Allow All Incoming SSH
iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow Incoming SSH from Specific IP address or subnet
iptables -A INPUT -p tcp -s 112.11.0.0/16 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 172.104.167.8 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 139.162.68.174 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 23.92.25.19 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow Outgoing SSH
iptables -A OUTPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow Incoming Rsync from Specific IP Address or Subnet
#iptables -A INPUT -p tcp -s 15.15.15.0/24 --dport 873 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 873 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming HTTP
iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming HTTPS
iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming HTTP and HTTPS
iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow MySQL from Specific IP Address or Subnet
#iptables -A INPUT -p tcp -s 15.15.15.0/24 --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow MySQL to Specific Network Interface
#iptables -A INPUT -i eth1 -p tcp --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -o eth1 -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#PostgreSQL from Specific IP Address or Subnet
#iptables -A INPUT -p tcp -s 15.15.15.0/24 --dport 5432 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 5432 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow PostgreSQL to Specific Network Interface
#iptables -A INPUT -i eth1 -p tcp --dport 5432 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -o eth1 -p tcp --sport 5432 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Block Outgoing SMTP Mail
iptables -A OUTPUT -p tcp --dport 25 -j REJECT

#Allow All Incoming SMTP
#iptables -A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming IMAP
#iptables -A INPUT -p tcp --dport 143 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 143 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming IMAPS
#iptables -A INPUT -p tcp --dport 993 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 993 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming POP3
#iptables -A INPUT -p tcp --dport 110 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 110 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#Allow All Incoming POP3S
#iptables -A INPUT -p tcp --dport 995 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 995 -m conntrack --ctstate ESTABLISHED -j ACCEPT

#iptables -A INPUT -p tcp --dport 22 -j ACCEPT
#iptables -A INPUT -p tcp --dport 8443 -j ACCEPT
#iptables -I INPUT 1 -i lo -j ACCEPT

#Allow DNS
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --sport 53 -j ACCEPT

#Default rules
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP

##Source:
@reference_1_digitalocean.com
Iptables Essentials: Common Firewall Rules and Commands

@reference_2_digitalocean.com
How To Set Up a Firewall Using Iptables on Ubuntu 14.04

@reference_3_digitalocean.com
How the Iptables Firewall Works

Activate TCP BBR on Linode VPS

Linux kernel 4.9+ required to support "tcp_bbr"

If your kernel doesn't support  "tcp_bbr", update it.

1. Download the latest Linux kernel, for example:

`wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.17/

linux-image-4.10.17-041017-generic_4.10.17-041017.201705201051_amd64.deb`

2. Install the kernel:

`dpkg -i linux-image-4.*.deb`

3. Delete old kernel:

`dpkg -l | grep linux-image `
`apt-get purge (old kernel)`

4. Update grub & reboot

`update-grub`
`reboot`

5. Edit Configuration Profile --> Kernel --> GRUB 2 in Linode Manager Console, then reboot

Turn on BBR

1. execute command `uname -r` to see if the kernel version >= 4.9

2. execute command `lsmod | grep bbr`，if there is no `tcp_bbr` in the result, execute the following commands first:

`modprobe tcp_bbr`
`echo "tcp_bbr" >> /etc/modules-load.d/modules.conf` 

3. Execute:

`echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf`
`echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf`

4. Save:

`sysctl -p`

5. Execute:

`sysctl net.ipv4.tcp_available_congestion_control`
`sysctl net.ipv4.tcp_congestion_control`

If there is `tcp_bbr` in the result, it means that your kernel has turned BBR on. The BBR has been activated when you see the `tcp_bbr`.

@reference_1_github.com
开启TCP BBR拥塞控制算法
@reference_2_orchidflower.oschina.io
在Linode节点上开启BBR算法

update:
http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.13.5/linux-image-
4.13.5-041305-generic_4.13.5-041305.201710050600_amd64.deb

Can't open Apps from the SearchBar in windows 10

Setting the option "Language for non-Unicode programs" to Chinese(or other languages) or making other language settings in windows 10 may result in the problem of "can't open Apps from SearchBar (click with no response)". Even if you change it back when it happens, the problem won't disappear.

Solution:
1. first change the settings back to the original language
2. set the windows display language to Chinese(or other languages)
3. change the system display language back to English

Some similar problems:
@reference_1_answers.microsoft.com
Q: Windows 10 - Can't Open Apps From Search Bar
@reference_2_superuser.com
Windows 10 - Can't open apps I search for in the start menu
@reference_3_tomshardware.com
can't open apps founded through search
@reference_4_superuser.com
Win 10 - Can't open Desktop Apps from SearchBar

T470p: Dual-boot Ubuntu 16.04 and Windows 10 on a PC with UEFI firmware

The key point (red note):
From the Device for boot loader installation, select the efi partition. On the system used for this article, that partition corresponds to /dev/sda2 ( NOTE: select the Windows Boot Manager ), that is, the second partition on the hard drive. Then click on the Install Now button to continue with the rest of the installation.

 

@reference_1_linuxbsdos.com

Wireshark & NPF

Wireshark not working in Win10, for example, you find no network interface showing up to select in Wireshark, it may prompt that "The NPF isn't running" or NOT, anyhow try this: run cmd as administrator, input command: net start npf , then restart wireshark to see if the problem has been solved. If you want to shut down npf service, just run the net stop npf command. 

@reference_1_blog.csdn.net 
关于Wireshark "The NPF driver isn’t running……"解决办法


The npf driver is not visible in your regular "Computer Management" WMI-interface. The npf status is best checked with the command line.
Run a cmd.exe as administrator and run the command sc qc npf.
You should get some output like this:

C:\Windows\system32>sc qc npf
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: npf
        TYPE               : 1  KERNEL_DRIVER
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : system32\drivers\npf.sys
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : NetGroup Packet Filter Driver
        DEPENDENCIES       :
        SERVICE_START_NAME :

If your driver is not properly started, activate it with the command sc start npf
Finally, to start the service automatically, use the command sc config npf start=auto
Remember to run your cmd.exe as administrator when issuing these command.







@reference_2_ask.wireshark.org

NPF driver Problem in Windows 7

How to get Thread Name in Runnable's run() method

Thread Names

When you create a Java thread you can give it a name. The name can help you distinguish different threads from each other. For instance, if multiple threads write to System.out it can be handy to see which thread wrote the text. Here is an example:

   Thread thread = new Thread("New Thread") {
      public void run(){
        System.out.println("run by: " + getName());
      }
   };
   thread.start();
   System.out.println(thread.getName());

Notice the string "New Thread" passed as parameter to the Thread constructor. This string is the name of the thread. The name can be obtained via the Thread's getName() method. You can also pass a name to a Thread when using a Runnable implementation. Here is how that looks:

   MyRunnable runnable = new MyRunnable();
   Thread thread = new Thread(runnable, "New Thread");
   thread.start();
   System.out.println(thread.getName());

Notice however, that since the MyRunnable class is not a subclass of Thread, it does not have access to the getName() method of the thread executing it. 

For example, you can't do it like this:

Runnable r = new Runnable(){
   public void run(){
      System.out.println( getName() + " running");  
      // you can't call getName() method here
   }; 
};

Thread.currentThread()

The Thread.currentThread() method returns a reference to the Thread instance executing currentThread() . This way you can get access to the Java Thread object representing the thread executing a given block of code. Here is an example of how to use Thread.currentThread() :

Thread thread = Thread.currentThread();

Once you have a reference to the Thread object, you can call methods on it. For instance, you can get the name of the thread currently executing the code like this:

   String threadName = Thread.currentThread().getName(); 

but you can get thread name like this:

Runnable r = new Runnable(){
   public void run(){
      System.out.println(Thread.currentThread().getName() + " running"); 
      // but you can get thread name like this      
   }; 
};

@reference_1_tutorials.jenkov.com
Creating and Starting Java Threads

Java Runtime class

Java Runtime class is used to interact with java runtime environment. Java Runtime class provides methods to execute a process, invoke GC, get total and free memory etc. There is only one instance of java.lang.Runtime class is available for one java application.
The Runtime.getRuntime() method returns the singleton instance of Runtime class.

How to shutdown system in Java

You can use shutdown -s command to shutdown system. For windows OS, you need to provide full path of shutdown command e.g. c:\\Windows\\System32\\shutdown.
Here you can use -s switch to shutdown system, -r switch to restart system and -t switch to specify time delay.

public class Runtime2{  
 public static void main(String args[])throws Exception{  
  Runtime.getRuntime().exec("shutdown -s -t 0");  
 }  
}  

How to shutdown windows system in Java

public class Runtime2{  
 public static void main(String args[])throws Exception{  
  Runtime.getRuntime().exec("c:\\Windows\\System32\\shutdown -s -t 0");  
 }  
}  

How to restart system in Java

public class Runtime3{  
 public static void main(String args[])throws Exception{  
  Runtime.getRuntime().exec("shutdown -r -t 0");  
 }  
}  

@reference_1_javatpoint.com
Java Runtime class

preemptive scheduling 剥夺式调度

In computing, preemption is the act of temporarily interrupting a task being carried out by a computer system, without requiring its cooperation, and with the intention of resuming the task at a later time. Such changes of the executed task are known as context switches. It is normally carried out by a privileged task or part of the system known as a preemptive scheduler, which has the power to preempt, or interrupt, and later resume, other tasks in the system.

@reference_1_wikipedia
Preemption (computing)

剥夺式（preemptive）调度，又称抢先式调度。当进程/线程正在处理器上运行时，系统可根据所规定的原则剥夺分配给此进程/线程的处理器，并将其移入就绪列队，选择其他进程/线程运行。

 有两种常用的处理器剥夺原则，一是高优先级进程/线程可剥夺低进程/线程；二是当运行进程/线程的时间片用完后被剥夺，在动态改变进程/线程优先级的系统中，经常会出现这样的情况。

@reference_1_baike.baidu.com 

剥夺式调度

@reference_3_differencebetween.net
Difference between Preemptive and Non-Preemptive Scheduling in Operating Systems

implements Runnable or extends Thread

两种实现方式的区别和联系：
在程序开发中只要是多线程肯定永远以实现Runnable接口为主，因为实现Runnable接口相比继承Thread类有如下好处：

• 避免点继承的局限，一个类可以继承多个接口。
• 适合于资源的共享

以卖票程序为例，通过Thread类完成：

package org.demo.dff;   
class MyThread extends Thread{   
private int ticket=10;   
public void run(){   
for(int i=0;i<20;i++){   
if(this.ticket>0){   
System.out.println("卖票：ticket"+this.ticket--);   
}   
}   
}   
}; 

下面通过三个线程对象，同时卖票：

package org.demo.dff;   
public class ThreadTicket {   
public static void main(String[] args) {   
MyThread mt1=new MyThread();   
MyThread mt2=new MyThread();   
MyThread mt3=new MyThread();   
mt1.start();//每个线程都各卖了10张，共卖了30张票   
mt2.start();//但实际只有10张票，每个线程都卖自己的票   
mt3.start();//没有达到资源共享   
}   
} 

如果用Runnable就可以实现资源共享，下面看例子：

package org.demo.runnable;   
class MyThread implements Runnable{   
private int ticket=10;   
public void run(){   
for(int i=0;i<20;i++){   
if(this.ticket>0){   
System.out.println("卖票：ticket"+this.ticket--);   
}   
}   
}   
}   
package org.demo.runnable;   
public class RunnableTicket {   
public static void main(String[] args) {   
MyThread mt=new MyThread();   
new Thread(mt).start();//同一个mt，但是在Thread中就不可以，如果用同一   
new Thread(mt).start();//个实例化对象mt，就会出现异常   
new Thread(mt).start();   
}   
};

虽然现在程序中有三个线程，但是一共卖了10张票，也就是说使用Runnable实现多线程可以达到资源共享目的。 Runnable接口和Thread之间的联系：
public class Thread extends Object implements Runnable
发现Thread类也是Runnable接口的子类。

@reference_1_developer.51cto.com
Java中Runnable和Thread的区别

daemon thread

@reference_1_stackoverflow
What is Daemon thread in Java?

Daemon thread in java is a service provider thread that provides services to the user thread. Its life depend on the mercy of user threads i.e. when all the user threads dies, JVM terminates this thread automatically.
There are many java daemon threads running automatically e.g. gc, finalizer etc.
You can see all the detail by typing the jconsole in the command prompt. The jconsole tool provides information about the loaded classes, memory usage, running threads etc.

Points to remember for Daemon Thread in Java

• It provides services to user threads for background supporting tasks. It has no role in life than to serve user threads.
• Its life depends on user threads.
• It is a low priority thread.

No.	Method	Description
1)	public void setDaemon(boolean status)	is used to mark the current thread as daemon thread or user thread.
2)	public boolean isDaemon()	is used to check that current is daemon.

Note: If you want to make a user thread as Daemon, it must not be started otherwise it will throw IllegalThreadStateException.

class TestDaemonThread2 extends Thread{  
 public void run(){  
  System.out.println("Name: "+Thread.currentThread().getName());  
  System.out.println("Daemon: "+Thread.currentThread().isDaemon());  
 }  
  
 public static void main(String[] args){  
  TestDaemonThread2 t1=new TestDaemonThread2();  
  TestDaemonThread2 t2=new TestDaemonThread2();  
  t1.start();  
  t1.setDaemon(true);//will throw exception here  
  t2.start();  
 }  
}  

@reference_2_javatpoint.com
Daemon Thread in Java

two synchronized methods one lock - The synchronized keyword applies on object level

Question:

If i synchronized two methods on the same class, can they run simultaneously on the same object? for example:

class A {
    public synchronized void methodA() {
        //method A
    }

    public synchronized void methodB() {
        // method B
    }
}

I know that I can't run methodA() twice on same object in two different threads. same thing in methodB().
But can I run methodB() on different thread while methodA() is still running? (same object)

Answer:

Putting synchronized on a method means the thread has to acquire the lock on the object instance before entering that method, so if you have two different methods marked synchronized the threads entering them will be contending for the same lock, and once one thread gets the lock all other threads are shut out of all methods that synchronize on that same lock. So in order for the two methods to run concurrently they would have to use different locks, like this:

class A {
    private final Object lockA = new Object();
    private final Object lockB = new Object();

    public void methodA() {
        synchronized(lockA) {
            //method A
        }
    }

    public void methodB() {
        synchronized(lockB) {
            //method B
        }
    }
}

@reference_1_stackoverflow
If i synchronized two methods on the same class, can they run simultaneously?


The synchronized keyword applies on object level, and only one thread can hold the lock of the object. 
@reference_2_stackoverflow
Do two synchronized methods execute simultaneously

@reference_3_stackoverflow
Java two synchronized methods in one instance
@reference_4_stackoverflow
Object locking private class members - best practice? (Java)

Exception Enrichment in Java

Exception enrichment is an alternative to exception wrapping. Exception wrapping has a couple of disadvantages that exception enrichment can fix. These disadvantages are:

• Exception wrapping may result in very long stack traces consisting of one stack trace for each exception in the wrapping hierarchy. Most often only the root stack trace is interesting. The rest of the stack traces are then just annoying.
  
  
• The messages of the exceptions are spread out over the stack traces. The message of an exception is typically printed above the stack trace. When several exceptions wrap each other in a hierarchy, all these messages are spread out in between the stack traces. This makes it harder to determine what went wrong, and what the program was trying to do when the error happened. In other words, it makes it hard to determine in what context the error occurred. The error might have occurred in a PersonDao class, but was it called from a servlet or from a web service when it failed?
  
  

In exception enrichment you do not wrap exceptions. Instead you add contextual information to the original exception and rethrow it. Rethrowing an exception does not reset the stack trace embedded in the exception.
Here is an example:

  public void method2() throws EnrichableException{
     try{
        method1(); 
     } catch(EnrichableException e){
        e.addInfo("An error occurred when trying to ...");
        throw e;
     }
  }
  
  public void method1() throws EnrichableException {
     if(...) throw new EnrichableException(
        "Original error message");   
  }

As you can see the method1() throws an EnrichableException which is a superclass for enrichable exceptions. This is not a standard Java exception, so you will have to create it yourself. There is an example EnrichableException at the end of this text.
Notice how method2() calls the addInfo() method on the caught EnrichableException, and rethrow it afterwards. As the exception propagates up the call stack, each catch block can add relevant information to the exception if necessary.
Using this simple technique you only get a single stack trace, and still get any relevant contextual information necessary to investigate the cause of the exception.

Unique Error Codes

It is sometimes a requirement that each error raised in an application is identified by a unique error code. This can be a bit problematic since some errors are raised inside components that are reused throughout the application. Therefore an exception may seem the same to the component throwing it, but the context in which the exception occurs is different.
Here is an example:

  public void method3() throws EnrichableException{
     try{
        method1(); 
     } catch(EnrichableException e){
        e.addInfo("An error occurred when trying to ...");
        throw e;
     }
  }

  public void method2() throws EnrichableException{
     try{
        method1(); 
     } catch(EnrichableException e){
        e.addInfo("An error occurred when trying to ...");
        throw e;
     }
  }
  
  public void method1() throws EnrichableException {
     if(...) throw new EnrichableException(
        "ERROR1", "Original error message");   
  }

Notice how method1() adds the code "ERROR1" to the thrown EnrichableException to uniquely identify that error cause. But notice too that method1() is called from both method2() and method3(). Though the error may seem the same to method1() no matter which of method2() and method3() that called it, this may important to know for the developer investigating the error. The error code "ERROR1" is enough to determine where the error occurred, but not in what context it occurred.
A solution to this problem is to add unique context error codes to the exception the same way the other contextual information is added. Here is an example where the addInfo() method has been changed to accommodate this:

  public void method3() throws EnrichableException{
     try{
        method1(); 
     } catch(EnrichableException e){
        e.addInfo("METHOD3", "ERROR1",
            "An error occurred when trying to ...");
        throw e;
     }
  }

  public void method2() throws EnrichableException{
     try{
        method1(); 
     } catch(EnrichableException e){
        e.addInfo("METHOD2", "ERROR1",
            "An error occurred when trying to ...");
        throw e;
     }
  }
  
  public void method1() throws EnrichableException {
     if(...) throw new EnrichableException(
        "METHOD1", "ERROR1", "Original error message");   
  }

Two new parameters have been added to the addInfo() method and the constructor of the EnrichableException. The first parameter is a code identifying the context in which the error occurred. The second parameter is a unique error code within that context. An error identification for an exception thrown by method1() when called from method2() will now look like this:

 [METHOD2:ERROR1][METHOD1:ERROR1]

When method1() is called from method3() the error identification will look like this:

 [METHOD3:ERROR1][METHOD1:ERROR1]

As you can see it is now possible to distinguish an exception thrown from method1() via method2() from the same exception thrown from method1() via method3().
You may not always need the extra contextual error codes, but when you do the solution sketched in this section is an option.

Wrapping Non-Enrichable Exceptions

You may not always be able to avoid exception wrapping. If a component in your application throws a checked exception that is not enrichable, you may have to wrap it in an enrichable exception. Here is an example where method1() catches a non-enrichable exception and wraps it in an enrichable exception, and throws the enrichable exception:

  public void method1() throws EnrichableException {
    
     try{
    
        ... call some method that throws an IOException ...
    
     } catch(IOException ioexception)
        throw new EnrichableException( ioexception,
          "METHOD1", "ERROR1", "Original error message");   
  }

Unchecked EnrichableException

I used to be in favor of checked exceptions but over the last couple of years my opinion has changed. Now i feel that checked exceptions are more of a nuisance than a help. Therefore I would prefer to make my EnrichableException unchecked, by having it extend RuntimeException.
There is a more thorough discussion of checked and unchecked exceptions in the text "Checked vs. Unchecked Exceptions".

Exception Enrichment and Pluggable Exception Handlers

Like with any other exception type it is possible to use pluggable exception handlers with enrichable exceptions. If you use the unique error codes described earlier these codes must be added as paremeters to the exception handler interface. Here is an example exception handler interface supporting these unique error codes:

public interface ExceptionHandler{

   public void handle(String contextCode, String errorCode,
                      String errorText, Throwable t)

   public void raise(String contextCode, String errorCode,
                     String errorText);
   
}

Exceptions caught in the program will be passed to the handleException() which will decide what concrete exception to throw instead. In this case an EnrichableException is thrown. If the EnrichableException is unchecked it is not necessary to declare it in the handleException() method.

An Example EnrichableException

Below is an example of an enrichable exception that you can use as a template for your own enrichable exceptions. You may need to change the class definition to suit your own needs. The exception is designed to use unique error codes as described earlier in this text.
Below the code is an example application that uses the EnrichableException, and a stack trace generated from this application.

import java.util.ArrayList;
import java.util.List;

public class EnrichableException extends RuntimeException {
    public static final long serialVersionUID = -1;

    protected List<InfoItem> infoItems =
            new ArrayList<InfoItem>();

    protected class InfoItem{
        public String errorContext = null;
        public String errorCode  = null;
        public String errorText  = null;
        public InfoItem(String contextCode, String errorCode,
                                     String errorText){

            this.errorContext = contextCode;
            this.errorCode   = errorCode;
            this.errorText   = errorText;
        }
    }


    public EnrichableException(String errorContext, String errorCode,
                               String errorMessage){

        addInfo(errorContext, errorCode, errorMessage);
    }

    public EnrichableException(String errorContext, String errorCode,
                               String errorMessage, Throwable cause){
        super(cause);
        addInfo(errorContext, errorCode, errorMessage);
    }

    public EnrichableException addInfo(
        String errorContext, String errorCode, String errorText){

        this.infoItems.add(
            new InfoItem(errorContext, errorCode, errorText));
        return this;
    }

    public String getCode(){
        StringBuilder builder = new StringBuilder();

        for(int i = this.infoItems.size()-1 ; i >=0; i--){
            InfoItem info =
                this.infoItems.get(i);
            builder.append('[');
            builder.append(info.errorContext);
            builder.append(':');
            builder.append(info.errorCode);
            builder.append(']');
        }

        return builder.toString();
    }

    public String toString(){
        StringBuilder builder = new StringBuilder();

        builder.append(getCode());
        builder.append('\n');


        //append additional context information.
        for(int i = this.infoItems.size()-1 ; i >=0; i--){
            InfoItem info =
                this.infoItems.get(i);
            builder.append('[');
            builder.append(info.errorContext);
            builder.append(':');
            builder.append(info.errorCode);
            builder.append(']');
            builder.append(info.errorText);
            if(i>0) builder.append('\n');
        }

        //append root causes and text from this exception first.
        if(getMessage() != null) {
            builder.append('\n');
            if(getCause() == null){
                builder.append(getMessage());
            } else if(!getMessage().equals(getCause().toString())){
                builder.append(getMessage());
            }
        }
        appendException(builder, getCause());

        return builder.toString();
    }

    private void appendException(
            StringBuilder builder, Throwable throwable){
        if(throwable == null) return;
        appendException(builder, throwable.getCause());
        builder.append(throwable.toString());
        builder.append('\n');
    }

[L1:E1][L2:E2][L3:E3]
[L1:E1]Error in level 1, calling level 2
[L2:E2]Error in level 2, calling level 3
[L3:E3]Error at level 3
java.lang.IllegalArgumentException: incorrect argument passed

 at exception.ExceptionTest$1.handle(ExceptionTest.java:8)
 at exception.ExceptionTest.level3(ExceptionTest.java:49)
 at exception.ExceptionTest.level2(ExceptionTest.java:38)
 at exception.ExceptionTest.level1(ExceptionTest.java:29)
 at exception.ExceptionTest.main(ExceptionTest.java:21)
Caused by: java.lang.IllegalArgumentException: incorrect argument passed
 at exception.ExceptionTest.level4(ExceptionTest.java:54)
 at exception.ExceptionTest.level3(ExceptionTest.java:47)
 ... 3 more

public class ExceptionTest {
 
    protected ExceptionHandler exceptionHandler = new ExceptionHandler(){
        public void handle(String errorContext, String errorCode,
                           String errorText, Throwable t){

            if(! (t instanceof EnrichableException)){
                throw new EnrichableException(
                    errorContext, errorCode, errorText, t);
            } else {
                ((EnrichableException) t).addInfo(
                    errorContext, errorCode, errorText);
            }
        }

        public void raise(String errorContext, String errorCode,
                          String errorText){
            throw new EnrichableException(
                errorContext, errorCode, errorText);
        }
    };

    public static void main(String[] args){
        ExceptionTest test = new ExceptionTest();
        try{
            test.level1();
        } catch(Exception e){
            e.printStackTrace();
        }
    }

    public void level1(){
        try{
            level2();
        } catch (EnrichableException e){
            this.exceptionHandler.handle(
                "L1", "E1", "Error in level 1, calling level 2", e);
            throw e;
        }
    }

    public void level2(){
        try{
            level3();
        } catch (EnrichableException e){
            this.exceptionHandler.handle(
                "L2", "E2", "Error in level 2, calling level 3", e);
            throw e;
        }
    }

    public void level3(){
        try{
            level4();
        } catch(Exception e){
            this.exceptionHandler.handle(
                "L3", "E3", "Error at level 3", e);
        }
    }

    public void level4(){
        throw new IllegalArgumentException("incorrect argument passed");
    }

} 

@reference_1_tutorials.jenkov.com
Exception Enrichment in Java

Exception Handling Templates in Java

Correct Error Handling is Tedious to Write

Correct exception handling code can be tedious to write. Try-catch blocks also clutter the code and makes it harder to read. Look at the example below:

    Input       input            = null;
    IOException processException = null;
    try{
        input = new FileInputStream(fileName);

        //...process input stream...
    } catch (IOException e) {
        processException = e;
    } finally {
       if(input != null){
          try {
             input.close();
          } catch(IOException e){
             if(processException != null){
                throw new MyException(processException, e,
                  "Error message..." +
                  fileName);
             } else {
                throw new MyException(e,
                    "Error closing InputStream for file " +
                    fileName;
             }
          }
       }
       if(processException != null){
          throw new MyException(processException,
            "Error processing InputStream for file " +
                fileName;
    }

In this example no exceptions are lost. If an exception is thrown from within the try block, and another exception is thrown from the input.close() call in the finally block, both exceptions are preserved in the MyException instance, and propagated up the call stack.
That is how much code it takes to handle the processing of an input stream without any exceptions being lost. In fact it only even catches IOExceptions. RuntimeExceptions thrown from the try-block are not preserved, if the input.close() call also throws an exception. Isn't it ugly? Isn't it hard to read what is actually going on? Would you remember to write all that code everytime you process an input stream?
Luckily there is a simple design pattern, the Template Method, that can help you get the exception handling right everytime, without ever seeing or writing it in your code. Well, maybe you will have to write it once, but that's it.
What you will do is to put all the exception handling code inside a template. The template is just a normal class. Here is a template for the above input stream exception handling:

public abstract class InputStreamProcessingTemplate {

    public void process(String fileName){
        IOException processException = null;
        InputStream input = null;
        try{
            input = new FileInputStream(fileName);

            doProcess(input);
        } catch (IOException e) {
            processException = e;
        } finally {
           if(input != null){
              try {
                 input.close();
              } catch(IOException e){
                 if(processException != null){
                    throw new MyException(processException, e,
                      "Error message..." +
                      fileName);
                 } else {
                    throw new MyException(e,
                        "Error closing InputStream for file " +
                        fileName;
                 }
              }
           }
           if(processException != null){
              throw new MyException(processException,
                "Error processing InputStream for file " +
                    fileName;
        }
    }

    //override this method in a subclass, to process the stream.
    public abstract void doProcess(InputStream input) throws IOException;
}

All the exception handling is encapulated inside the InputStreamProcessingTemplate class. Notice how the process() method calls the doProcess() method inside the try-catch block. You will use the template by subclassing it, and overriding the doProcess() method. To do this, you could write:

    new InputStreamProcessingTemplate(){
        public void doProcess(InputStream input) throws IOException{
            int inChar = input.read();
            while(inChar !- -1){
                //do something with the chars...
            }
        }
    }.process("someFile.txt");

This example creates an anonymous subclass of the InputStreamProcessingTemplate class, instantiates an instance of the subclass, and calls its process() method.
This is a lot simpler to write, and easier to read. Only the domain logic is visible in the code. The compiler will check that you have extended the InputStreamProcessingTemplate correctly. You will typically also get more help from your IDE's code completion when writing it, because the IDE will recognize both the doProcess() and process() methods.
You can now reuse the InputStreamProcessingTemplate in any place in your code where you need to process a file input stream. You can easily modify the template to work for all input streams and not just files.

Using Interfaces Instead of Subclassing

Instead of subclassing the InputStreamProcessingTempate you could rewrite it to take an instance of an InputStreamProcessor interface. Here is how it could look:

public interface InputStreamProcessor {
    public void process(InputStream input) throws IOException;
}


public class InputStreamProcessingTemplate {

    public void process(String fileName, InputStreamProcessor processor){
        IOException processException = null;
        InputStream input = null;
        try{
            input = new FileInputStream(fileName);

            processor.process(input);
        } catch (IOException e) {
            processException = e;
        } finally {
           if(input != null){
              try {
                 input.close();
              } catch(IOException e){
                 if(processException != null){
                    throw new MyException(processException, e,
                      "Error message..." +
                      fileName;
                 } else {
                    throw new MyException(e,
                        "Error closing InputStream for file " +
                        fileName);
                 }
              }
           }
           if(processException != null){
              throw new MyException(processException,
                "Error processing InputStream for file " +
                    fileName;
        }
    }
}

Notice the extra parameter in the template's process() method. This is the InputStreamProcessor, which is called from inside the try block (processor.process(input)). Using this template would look like this:

    new InputStreamProcessingTemplate()
        .process("someFile.txt", new InputStreamProcessor(){
            public void process(InputStream input) throws IOException{
                int inChar = input.read();
                while(inChar !- -1){
                    //do something with the chars...
                }
            }
        });

It doesn't look much different from the previous usage, except the call to the InputStreamProcessingTemplate.process() method is now closer to the top of the code. This may be easier to read.

Static Template Methods

It is also possible to implement the template method as a static method. This way you don't need to instantiate the template as an object every time you call it. Here is how the InputStreamProcessingTemplate would look as a static method:

public class InputStreamProcessingTemplate {

    public static void process(String fileName,
    InputStreamProcessor processor){
        IOException processException = null;
        InputStream input = null;
        try{
            input = new FileInputStream(fileName);

            processor.process(input);
        } catch (IOException e) {
            processException = e;
        } finally {
           if(input != null){
              try {
                 input.close();
              } catch(IOException e){
                 if(processException != null){
                    throw new MyException(processException, e,
                      "Error message..." +
                      fileName);
                 } else {
                    throw new MyException(e,
                        "Error closing InputStream for file " +
                        fileName;
                 }
              }
           }
           if(processException != null){
              throw new MyException(processException,
                "Error processing InputStream for file " +
                    fileName;
        }
    }
}

The process(...) method is simply made static. Here is how it looks to call the method:

    InputStreamProcessingTemplate.process("someFile.txt",
        new InputStreamProcessor(){
            public void process(InputStream input) throws IOException{
                int inChar = input.read();
                while(inChar !- -1){
                    //do something with the chars...
                }
            }
        });

Notice how the call to the template's process() method is now a static method call.

Summary

Exception handling templates are a simple yet powerful mechanism that can increase the quality and readability of your code. It also increases your productivity, since you have much less code to write, and less to worry about. Exceptions are handled by the templates. And, if you need to improve the exception handling later in the development process, you only have a single spot to change it in: The exception handling template.
The Template Method design pattern can be used for other purposes than exception handling. The iteration of the input stream could also have been put into a template. The iteration of a ResultSet in JDBC could be put into a template. The correct execution of a transaction in JDBC could be put into a template. The possibilities are endless.
Context reuse and templates are also discussed in the article Code Reuse: Context and Action Reuse.

@reference_1_tutorials.jenkov.com
Exception Handling Templates in Java