Canmore's Blog

Wondrous things have happened: A second antenna has been placed in our village, thus allowing 10 more people to connect. Apparently, a bigger leased line is going to be installed (10MBit), but nobody knows when. One thing is really driving me nuts: No one answered my e-Mail concerning my connection problems and the missing Reverse DNS entries. Maybe the next e-Mail should contain some swearwords.

I simply cannot believe how people without any professional attitude are allowed to run an ISP. Yet, it's a desperate situation for me, because without them, I would not have a fast, affordable internet connection...

Ere I go postal, I am rather off programming. To quote Einstein: "I never think of the future, it comes soon enough."

(by the way: there is no need to be afraid that this blog is becoming too personal. Think of it as a chronicle of tech-related things and other people's stupidity.)

I finally rewrote my console-based GPS mapping program "GPSCon". Users may now use command-line switches. Furthermore, referencing maps automatically works better and I daresay that the program is now actually usable by other people than me. GPSCon is downloadable on my homepage.

Quick introduction for users who have used GPSCon before (you should also take a closer look at the file README):

• Create a reference file that contains POI (points of interest) data such as your favourite geocaching locations
• Start GPScon like this: ./gpscon -d /dev/cuaa0 -l gpscon.log -r poi_data.txt -s
• The -s tells GPSCon not to use auto-referencing, which might be better in some cases

Have fun with GPSCon and drop me a line if you like it.

In my hometown, there is no broadband internet access. So we formed a citizens' initiative and connected the whole town using 5Ghz WLAN equipment from Proxim. The ISP that provided us with the technical devices and the leased line is called net.art and resides in Bad Kreuznach. Everything works more or less fine, although we are using a 2MBit leased line to connect over 70 people (sic!). Yet, if one takes a closer look, the ISP seems incompetent. Very incompetent. I'd like to mention some sad facts about our net:

• No UPS is protecting the leased line and the so-called "Basic Station Unit (BSU)" that enables all clients to connect to the Internet.
• Our subnet is susceptible to ARP attacks. Since these attacks could even be accomplished by newbies using Windows, this is a great threat.
• Thee is no load-balancing / QoS used. This makes certain services such as VoIP telephony virtually impossible.
• It took the ISP 8 months to develop a traffic measuring program that yields more or less exact results (we all have volume-based internet access). Prior to that, they used SNMP to monitor the client's devices. So basically, everyone was billed for ARP requests that had nothing to do with surfing, too (sic!).
• Everyone is issued a static IP address, which is fine. But none of these addresses is paired with a hostname. Result: Reverse DNS doesn't work. Quoting from RFC 1912: Every Internet-reachable host should have a name. The consequences of this are becoming more and more obvious. Many services available on the Internet will not talk to you if you aren't correctly registered in the DNS.
• Smaller problems such as wrong invoices, missing contact information etc. tick me off.

So, what I am doing right now is bothering these guys until they give us what we need. After all, we are paying for certain services. Fortunately, there is a local that is responsible for our site. He is in touch with the ISP right now trying to solve connection problems for some clients. I confine myself to sending e-Mails mentioning our current status and my personal level of p*ssedness.

This is getting quite interesting. Let's see what happens in the next weeks...

I have been busy setting up a server for the last few days. It's running Samba and Subversion so that it can be used as a kind of backup-server for all purposes. Using gmirror (8), the server can use two identical hard disks as a Software-RAID (in mirroring mode, of course).

The article by Dru Lavigne at onlamp.com helped me a lot while installing Subversion. All clients use esvn to access the repository.

I also tried Trac, but it is too sophisticated / bloated for a simple backup and revision control server. However, if you are working on a bigger project that has more than one developer Trac will definitely "be your friend".

Just in case you don't know already: The book "The Complete FreeBSD" may now be downloaded from Greg Lehey's homepage. This is a definite must-read for every *BSD addict.

Should you by any chance encounter an error with mso.dll while trying to start Outlook (well, I hope you don't use it a home...), try and delete outcmd.dat. This file only contains the configuration for Outlook's menus and symbol bars, so it's probably not a great loss.

Yet, I do wonder why Outlook crashes without any apparent reason just because a 2kb (sic!) file is corrupted. Micro$oft could learn a lot from things such as "/var/log", I guess.

Since his old WLAN-card broke, my brother bought a "new" D-Link DWL-520+. Plainly spoken, this card is crap (at least concerning transmit distance). So, another solution for connecting him to our network had to be found. Fortunately, a friend of mine sold his Linksys WRT54G for approximately half the price we had to pay for the D-Link DWL-520+...

I quickly flashed the router with the DD-WRT firmware, entered the proper IP addresses and chose client bridge mode. And lo and behold, it works flawlessly. As my brother just set-up an old computer that lacks a wireless card, thus connecting to LANs by wire, the WRT54G came just in time and we literally killed 2 birds with one stone.

Moral(s) of the story

• networking is great
• do not buy DWL-520+ PCI cards
• the combination WRT54G + DD-WRT is pretty useful
• sometimes, the growth of your personal network is overwhelming (I am counting 11 network devices right now, with only 4 persons living in our household)

To keep track of the internet traffic my family is causing, I wrote a little perl script that runs on the Soekris and displays the output of ipfstat. This works because ipf is able to count traffic by using rules such as:

count in on sis0 all
coun out on sis0 all

The perl script just parses the output of ipfstat -noia and displays it in a more or less fancy way. You may find the script among other things in the Soekris directory on my homepage.

Perhaps this is of some interest to other Soekris owners.

Today was quite interesting. A notebook that belonged to one of the researchers suddenly refused to start Outlook whilst giving very obscure (of course!) error messages. Yes, the people I work for prefer using Micro$oft products. I wish they wouldn't.

However, the damage was done and I had to fix it. Having given the problem some minutes of thought, I tracked everything down to a certain plugin we are using: OLfolders, which should allow us (in theory) to share Outlook data for team-work purposes. At least this is what our previous sysadmin was told. The plugin was easily disabled, but surprise, surprise, the *.pst file was corrupted and I had to run scanpst.exe, which (of course!) considered most of the user's data corrupted, thus deleting it. Fortunately, we have backups. More fortunately, I had taken them manually before attempting to "repair" anything.

But thanks to <insert omnipotent entity of your choice here>, everything works again. In retrospective, it turned out that Olfolders corrupted data because the LAN connection to our server was not up at that time. I do not consider this an appropriate behaviour for commercial software, but those wo do use Windows deserve no better. Anyway, it is very odd that e-mail data is corrupted (from the user's own profile), whereas contact data (which is why OLfolders is actually used by my colleagues) remains intact. I guess this is not a bug, but a feature.

The second part of my work day was much better. I needed to install Horde for one of the researchers...and I must admit that I like it. Horde is clearly divided into modules that can be installed without much hassle - and they actually do the job they are supposed to do! At the moment, the installation contains Gollem, Kronolith, Mnemo, Nag and Turba. The platform is meant to act as a - attention, bad buzzword coming up - groupware application used by scientists that are scattered all over the world. Well, to make a long story short: It works and Horde literally saved my day from being rather dull.

In several months, the users probably want IMP support for our Horde installation as well, but our server should handle that quite easily. For now, I am off playing with my Soekris and its firewall rules.

It actually worked, my Soekris accepted the Kernel and the system. FreeBSD runs very smooth (because the kernel is rather slim) and the overall performance is overwhelming.

First, the Soekris was meant to work as a printer-server, but I discovered that the printers I'd like to use don't work with CUPS. Crap. However, thanks to a JetDirect card I bought from eBay, at least the HP Laserjet 2100 can be used in our LAN. For now, the Soekris runs dnsmasq, thttp and ssh. I settled for IP Filter and IP NAT to enable the Soekris to act as a network gateway.

For those who are interested, I am going to upload some of my configuration files which you might use for your own setups. You will find them on my personal homepage. To get you started, I recommend the miniBSD Guide. My install procedure is not much different, except that I copied more or less everything on the CF Card to make the image more flexible.

Right now, I am working on a small traffic counter application that can generate HTML statistics so that "my" users always know how much traffic has already been generated. Unfortunately, our local ISP doesn't offer flatrate internet connections...