Sunday, November 30, 2008

Installing the Wyse 2: dnrd

The new Wyse machine should serve as a caching DNS for the internal network. This will enable us to resolve host names on the internet (e.g. www.google.com) and local hostnames (e.g. localhostname.earth). My old router used dnrd to accomplish this, so I will use dnrd again. You could use a full blown DNS server, such as bind but bind has always suffered some security issues and is harder to configure (but not impossible).
So, first we need to download and extract dnrd:

# wget http://downloads.sourceforge.net/dnrd/dnrd-2.20.3.tar.gz
# tar xvfz dnrd-2.20.3.tar.gz

Next, install a compiler:

# apt-get install gcc
# apt-get install g++
# apt-get install make

Next, configure the package:

# ./configure

Compile and install the package:

# make
# make install

Create a startup script (/etc/init.d/dnrd)
#! /bin/sh
set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Domain Name Relay Daemon"
NAME=dnrd
DAEMON=/usr/local/sbin/$NAME
PIDFILE=/var/run/$NAME.pid

OPTIONS="-s 195.130.131.10 -s 195.130.130.5 -a 192.168.1.254"

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

#
# Function that starts the daemon/service.
#
d_start() {
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--exec $DAEMON -- $OPTIONS
}

#
# Function that stops the daemon/service.
#
d_stop() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
--name $NAME
}

#
# Function that sends a SIGHUP to the daemon/service.
#
d_reload() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
--name $NAME --signal 1
}

case "$1" in
start)
echo -n "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart|force-reload)
echo -n "Restarting $DESC: $NAME"
d_stop
sleep 1
d_start
echo "."
;;
*)
# echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

exit 0

Add a user for dnrd

# adduser --system dnrd

Configure dnrd; create and edit /usr/local/etc/dnrd/master

domain earth
192.168.1.1 localhostname
192.168.1.254 firewyse

Start dnrd using the script we created earlier:

/etc/init.d/dnrd

Test your nameserver:

# nslookup firewyse

Server: 192.168.1.254
Address: 192.168.1.254#53

Non-authoritative answer:
Name: firewyse.earth
Address: 192.168.1.254

As you can see, dnrd is able to resolve the earth domain. Adding additional hosts from your local network is accomplished by adding additional entries in the /usr/local/etc/dnrd/master file. All you need to do is maintain one single configuration file. Configuring bind to do this, requires a lot more additional steps and configuration files.
Finally, we need to make sure dnrd starts when the system is booted:

# update-rc.d dnrd defaults
Adding system startup for /etc/init.d/dnrd ...
/etc/rc0.d/K20dnrd -> ../init.d/dnrd
/etc/rc1.d/K20dnrd -> ../init.d/dnrd
/etc/rc6.d/K20dnrd -> ../init.d/dnrd
/etc/rc2.d/S20dnrd -> ../init.d/dnrd
/etc/rc3.d/S20dnrd -> ../init.d/dnrd
/etc/rc4.d/S20dnrd -> ../init.d/dnrd
/etc/rc5.d/S20dnrd -> ../init.d/dnrd

Installing the Wyse 1: Prepare for installation

As already mentioned in an earlier post, I have bought a small Wyse thin client.

The picture above shows the Transcend flash card with 40-pin IDE that comes with the Wyse terminal. The card can only store 512MB data and I am not sure how a flash card reacts on a live operating system writing log files to it every now and then. A flash card ages and has a limited number of write / delete operations. Since the Wyse has plenty of room, I decided to mount a normal 10 GB hard drive, recovered from an older PC. I also installed an extra network card, since this device will be used as firewall / router / proxy for my network.
Most Wyse terminals' BIOS are protected with a password. The default password is Fireport (I had to look it up on the internet). You'll need this password and enter the BIOS to change the device's boot order. By default, it searches the network for a boot image ... which will take some time if you don't have a TFTP boot server running.
The picture below shows the added network card and extra hard drive.

The power supply does not have an additional connection to power an additional CD ROM drive, so I connected the CD ROM drive, since this is only temporal, to an external power supply recovered from an old XT computer. You cannot use a normal ATX power supply, since this needs feedback from the ATX motherboard to power on (unless you know how to bypass this).
The picture below shows the CD ROM drive connected to the external XT power supply. This CD ROM was connected to the second IDE channel to be able to install Debian on the Wyse.

Debian installs like a breeze on this device. Just download the Etch net-install, put it in the CD ROM drive, connect the device to the network and power it on. Debian has a ncurses based "next->next->next->finish" installer, so even your grandmother can do this.
Finally, detach the external CD ROM drive, close the case and your done. All other necessary packages for Debian are fetched from the internet.

Tuesday, November 25, 2008

My new pet project

Before I start telling about my new pet project, I must congratulate my 3 colleagues that joined me at the Ubuntu booth on this weekends Dipro fair. We managed to gather around €80 of donations from people collecting an Ubuntu (or Kubuntu) installation medium. Compared to an earlier fair I did, with roughly the same people, this amount of money is enormous. If everything goes well, this money will be transfered to the Belgium Ubuntu loco team for supporting their actions.

Anyway, like any other Dipor fair, there were a lot of people trying to sell old computers and laptops for unreasonable prices, the most hideous cases, do-it-yourself-ink-cartridge-refill kits and mini keyboards only my kids can type on :)
While strolling through the fair, however, a colleague showed me an interesting Wyse Thin Client. These terminals are normally used as a very lightweigt computer, accessing terminal services provided by some server running Windows or Unix. This particular device (a 9455XL) was running some embedded version of Windows XP which I found quite intriguing. I also thought that all these devices had proprietary hardware, allowing them to run OS'es provided by Wyse only.
This device was different. After kindly asking the seller for a screwdriver, we noticed a very familiar VIA chipset inside. The main board also had a normal IDE controller and one of its bays was occupied by 512MB, 40-pin, Transcend, IDE Flash Module. There was also a PCI riser card present, to be able to add an additional hardware component like a TV card. For the readers that got lost in the past few lines, this was a normal, damn small, extensible PC with very low power consumption :)
The guy was selling these for €25 each, so I bought one.

Since the device only consumes an average of 15W, this will serve as an ideal replacement for my current 24/7 router-firewall-all-in-one-file-and-print-server providing Internet access to my network at home. The latter is a normal IBM Aptiva consuming an average of 65W. You could also use this as a cheap NAS device, after inserting a very huge hard disk.
I had been thinking about this before, but I never found a reseller in Belgium for mini-itx boards and solutions. The German Mini PC site came close, but after configuring my first device, using their builder, it seemed a lot more expensive than I anticipated.

In the next posts, I will elaborate on some adventures in installing the device. I will also talk about the software I will install on this device (yes, it will be Linux, what else) and how it's configured. I will also turn this device into a content based proxy, instead of a normal NAT (Network Address Translator), to be able to filter out some unwanted sites. The latter will be interesting and necessary, since my girfriend's daughter is taking her first steps on the Internet.

Stay tuned!

SPAM: The Russians ... oh no, not again

Oh yes. I received another mail from a different girl, I mean woman, asking me for something totally different than love. Please read ... it's funny.

Dear Friend,

My name is Elena, I have 31 year and I live in Russian province. I work in library and after my work I allowed to use computer when it possible.
I finded your address in internet and I decided to write you this letter.

I have 7-year daughter Angelina, her father abandoned us and we live with my mother.

Recently my mother lost job and our situation became very difficult.

The price for heating our home is very high and we cannot afford it anymore.

The winter is coming and weather is colder each day. We worry if the temperature will become cold in our home, we don't know how to survive.

For heating our home we need portable stove which give heat from burning wood. We have many wood in our region, but we cannot buy the stove in local market because it cost equivalent of 193 Euro and very expensive for us.
If you have any old portable wood burning stove, we will be very happy if you can donate it to us and organize transport of its to our address (200km from Moscow) or help us to buy it in our local market.
This oven are different, they are from cast iron and weight 100-150kg.

I downloaded our picture to free website and you can see it at:
http://elenadd.nextmail.ru/ourpicture.jpg
It is not of very good quality, but it will give you idea how we look.

I hope that you answer me and I wish you all the best.

Elena.

I bet this one has a whole hangar of stoves :)

Thursday, November 20, 2008

SPAM: Does it ever stop ...

... I guess not. Today I received the following mail on my very old Hotmail account.

Dear User,

We are sorry to inform you that we care currently working on securing our server. During this process, an account that is not manually verified by us will be deleted, Please confirm that you have an account and submit your information for manual verification by one of our customer care representatives

Information that is be to provided is below:
User Name:
UserID:
Password:
Date Of Birth:
Country (At Signup):

Upon confirmation of the information from you, we will manually verify your yahoo account and, thereby, prevent it from being deleted, We are sorry for any inconvenience this might cause.

Account owner "who" refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently.
__________________________________________________________________________________________________

Copyright © 2008 Yahoo. All rights reserved. Copyright/IP Policy
| Terms of Service | Guide to Online Security

NOTICE: We collect personal information on this site.
To learn more about how we use your information, see our Privacy Policy.

Now this is funny. They're asking for my user ID and password for my Yahoo account, so I can keep using my Hotmail account. I don't even _have_ a yahoo account, and I never did!
I said it before and I'll say it again, the Internet is a very dangerous place. Please, keep your children away!

Monday, November 10, 2008

Fixing a fluorescent rod

A few years ago I bought an orange fluorescent rod, which, mounted behind my television cabinet, gives an orange ambient light. The other weekend, it broke down :(

Unfortunately, the original manufacturer (WOFI) stopped selling these a while ago. Makro where I originally bought the rod doesn't sell them anymore either. So I had a problem.
Velleman however has these rods in its products list, so I rushed to a local dealer, finding that he only had these in green and white (WTF?). So I still had a problem.
There's no way to open these rods, since the black ends are glued to the orange rod at both sides. So normally, there's no way to open these rods without breaking something. Fortunately the black end with the power cord on the rod I own came loose a while ago. So I decided to take it apart to see if there was a way to fix it.
Inside, there is a normal fluorescent tube of 56W (about 1.5 meters in length) powered by an electronic ballast. Normally, fluorescent lamps you find at home, are powered by a magnetic ballast and a starting switch. Electronic ballasts, however, are becoming more common (because they are less power consuming) but are more expensive than their magnetic counterparts.
There were 2 possibilities, either the fluorescent lamp or the electronic ballast was broken. Or maybe both :(
To test this, I took a working fluorescent lamp (used in my garage) and wired this to the electronic ballast (being very careful though). It worked, so I could conclude the ballast was still working and I only had to replace the broken fluorescent lamp.
So now, until the ballast fails, I have my ambient orange rod working again.

In search of perfection: Spaghetti Bolognese

A while ago there was a series on the BBC on Heston Blumenthal's search of perfection. In the series, Heston tries to "perfect" 8 traditional dishes. About a year ago, a friend of mine brought these series to my attention, but in fact, I've never watched them. That's why I bought the books (in the meantime there have been 2 series) and yesterday, I tried to make Heston's version of Spaghetti Bolognese.

I will not go into detail on how to make the sauce, it is a lengthy process that takes about 8 hours. Instead, I will talk about some of the modifications I've done to Heston's recipe.
There were some ingredients I couldn't find:

  • The star anise: According to Heston, this is the most important ingredient for the sauce, because combined with the onions, it enhances the flavor of the meat.
  • Boned oxtail
  • The coriander seeds
  • The Thai fish sauce
  • The sherry vinegar

Apparently the star anise has a concentrated anise flavor, so I replaced it with 3 tablespoons of Ricard, which is an anise flavored liqueur. I am not sure if it worked though, but it was worth a try.
I couldn't find boned oxtail. Instead, I used oxtail with the bones and boned it at the end of the recipe. IMHO this is even better, because meat always tastes better when it's cooked on its bone.
Instead of coriander seeds, I used coriander herbs, which are in essence dried coriander leaves. Not sure if this changes anything. I haven't used coriander seeds before, so I don't even know how they taste.
I didn't bother buying the Thai fish sauce and replaced this with 2 tablespoons of soybean sauce, which has an oriental salty flavor. To add the fish taste, I stirred in 6 fillets of salted anchovy on oil at the end of the recipe.
The cherry vinegar was replaced by xérès vinegar, but IMHO you can use any good quality, good tasting vinegar.

With all of the above modifications, I am not sure if my end result tastes the same as Heston's idea of perfection. But I have to say, it tastes incredible, and it was definitely worth 8 hours of cooking.