I assume I don’t have to introduce the concept of spam. Fighting spam can be done on different levels. A first line of defense is the mail server receiving them. There are several checks it can perform. Here is my configuration of Postfix.
To get secure access to internal networks, one usually employs one of the many variants of a VPN. When connecting from a normal computer, you can install basically whatever variant you wish. When using devices such as smartphones however, the number of supported VPN technologies is usually limited. Especially on non-open platforms such as the iDevices by Apple, you can not add VPN software yourself, contrary to the Android platform.
In this post, I’ll explain how to set up an IPsec (without L2TP) tunnel endpoint on an Ubuntu server, capable of handling an iPhone/iPad/iPod/iWhatever. The users will be authenticated against an LDAP directory.
Continue reading ‘iPhone compatible IPsec VPN on an Ubuntu server, with LDAP authentication’ »
When programming with multiple files/modules, dependency tracking is always a big issue. GNU Make calculates the correct order to compile in, but is only that smart. It does know that if a .cpp file changes, the corresponding .o file needs to be updated. But a change in an included header can go unnoticed.
While debugging a strange problem today, it was exactly that last scenario: A change in a header file did not cause a recompile, which left me debugging an old version of the binary. So I wanted to include the dependencies of .cpp files on the included headers in my Makefile. But since I’m too lazy to do it myself, I wrote a script.
dd-wrt has built-in support for a whole list of Dynamic DNS services. Unfortunately, they only support HTTP-based services. I use a standard RFC2136 DNS update. Here’s how to add nsupdate support to dd-wrt.
Continue reading ‘Using nsupdate in dd-wrt’ »
Although the big builds of dd-wrt contain IPv6 support, it doesn’t support ip6tables. Hence, I choose to use the mini build (which gives me the most free space) and add the missing parts myself. I shamelessly used OpenWRT modules to save me the trouble of figuring out how to compile each library. (Unfortunately, my router isn’t supported by OpenWRT, so I need to stay with dd-wrt for the base system).
Continue reading ‘Adding IPv6 support to dd-wrt’ »
Since none of the dd-wrt releases include ip6tables support, I added it myself. The standard kernel does support module loading, so you can simply add additional kernel features without reflashing the device. You do need some writable storage. I use the remaining 4MB of flash using JFFS, but using an external storage (USB, network, …) is also possible.
Since you can’t run a complete build environment on the router itself, you’ll have to set up a cross-compiling environment on your own machine. As I found out, this isn’t always very easy to do…
Continue reading ‘Compiling custom dd-wrt kernel modules’ »
I bought myself a new WiFi router. When in the shop, I specifically searched for a router that is supported by dd-wrt, and has (at least) 8MB of flash. I settled for the Linksys WRT320N: it has a dual band (switchable between 2.4GHz and 5GHz, not simultaneous) 802.11a/b/g/n radio, a 4 port GbE switch, and a WAN port. It houses a Broadcom BC4717 processor running at 354MHz, 8MB of flash and 32MB of RAM.
The default Linksys firmware is actually not bad, but dd-wrt just offers a ton more features: Multiple SSIDs, IPv6 support (including Sixxs tunneling), WAN volume monitoring, custom firewalling, traffic shaping, … So I decided to void my warranty and put my router on steroids! Mandatory note: this may very well turn your router in to a very expensive brick.
I usually don’t just repost other people’s posts, but this one really deserves some extra attention. It explains a very elegant way to hop using SSH.
Continue reading ‘Hopping from host to host with SSH, automatically’ »
I tried to upgrade my silverlight plugin from version 3 (3.0.50106.0) to version 4 (4.0.50917.0). I downloaded the DMG, followed the wizard all the way through, restarted Firefox as requested and saw that I was still at version 3… Strangely, Safari did load and use version 4, so the install was successful. So I searched my entire system fore some remains of Silverlight 3, without success.
The only place I could find the old version mentioned, was in the pluginreg.dat file in my firefox profile. I just erased this file, and it all magically worked!
One very nice feature the iPhone lacks is the ability to request a delivery report on text messages. I usually abuse these by sending a text message to family/friends while they’re on a plane. As soon as they land and switch on their phone, I get a delivery report. Which essentially tells me “for free” that the person has landed. (With Belgian carriers, receiving text messages is always free, even abroad, because you can’t refuse them).
