Thinking Technical

We have a MikroTik router as our main connection point to our network. I needed to find out how to add an additional NAT address to our MikroTik. Thankfully with a little research I came across this article from eHow. I had to share it because it was really helpful.

1. Click the “Winbox” link in the Web page that appears. Click “Open” in the window that displays and confirm that you wish to run the “Winbox” program if prompted.

I recently began using Synergy to remove clutter from my desk. For some time I had issues with configuring it because I thought it was way to difficult. RTFM (Read The Fine Manual – yes I know this is usually said differently) but in this case the documentation is very straightforward and easy to follow. I have an example of my config below with the names changed for my ease of mind.

section: screens
MacBook.local:
WIN7:
end

section: links
MacBook.local:
right = WIN7
left = MacBook.local
ITADMIN:
left = MacBook.local
right = WIN7
end

Now that the config file example is out of the way I was having to run a script manually from the command line every time I started my Mac (running as the server). I did some research and found that you can use a program built into your mac called Automator to create an application that you can then run at login.

Open Automator and select “Application” => scroll to “Run Shell Script” and double click it. This will open the “Run Shell Script” up on the right hand side of your screen. Make sure the “Shell” is “/bin/bash” and place your script into the body of the shell script. Finally, hit “File” => “Save” and your script has been created.

You now need to add this to your login items. Open System Preferences => Users & Groups => Login Items => click + and choose your script. Once you have placed it in the login items give it a test by logging out and back in. If it works successfully you should see a gear in the top right-hand portion of your mac.

I had struggled in the past with the ability to support a non-admin on a Windows 7 machine for some time especially trying to find and utilize the “Run As” command. The only option available to me was the “Run as Administrator” function. Which using VNC doesn’t provide much help when the screen is locked because of UAC and you don’t want to provide the user with your admin credentials. I was determined to resolve the issue remotely and did a quick search and found that if you hold the shift key and you right-click on the program you have the ability to “Run as different user”. I found this with a quick search online but even if no one reads my blog at least I have note of in for myself in the future.

On occasion my mind goes on a tangent for no good reason. I was thinking tonight because of a movie I had seen about how the blind identify different currency. I did some reading and found that they make devices to aid in initial identification but it wasn’t a portable solution. I then began to wonder if an iPhone could be useful to the blind. I came across “The Blind Film Critic” who has videos online of how he uses the iPhone 4S and Siri which are interesting. Then my mind took a slight tangent to an iPhone app capable identifying different currency for the blind and it turned out that one exists. Just a bit of cool information.

A colleague of mine showed me a pretty cool trick with the iPhone. If you dial “*3001#12345#*” and call that number it will display the actual signal strength of your phone to the tower in the top left hand corner of your phone. You can also enable your phone to toggle back and forth between the two on your home screen of you iPhone with a simple trick.

After following the instructions above press and hold the power & home buttons until your phone turns off. Turn it back on and you should see the power level in the top left hand side of the screen where you usually see signal bars. If you want to signal bars back just hit the number in the top left to swap back. It allows your phone to swap back and forth between the traditional signal and the signal that indicates numerically what your signal strength is.

I like most in the I.T. field have two cell phones one belonging to me and the other belonging to work. Well, I was using a Nokia for my work phone for about a year but I really wanted an iPhone. My Nokia had a pretty awesome feature on it that would speak the name of the person calling if it was in my phone book. I was able to attain an iPhone to use as my work phone and wanted to replicate this feature. At one point I thought apple should include this as a feature and I still wish that they would. But, there is a way to replicate it without Apple having to do the programming.

1. You will need a Word, OpenOffice Writer, or TextEdit to create the phrases you want your phone to say when someone is calling. Type a sentence for each person that you want to be alerted by name that is calling. I have an example below which could just as easily be the persons name and that is it. But, I wanted something with a little more information (as if I didn’t already know that if my phone was telling me their name that they were calling).

Example: “Your boss is calling.”

2. Print the document to a PDF using the built-in feature on your Mac. You can save it anywhere that you like as long as it is in PDF format.

3. Open up the document with the “Preview” app and highlight the first sentence.

4. Right click on the highlighted sentence and select ‘Add to iTunes as a Spoken Track.”

5. Open iTunes and import the song.

6. Right click on the song and select “Create AAC Version”.

7. Close iTunes after deleting the .aiff version of the Text-To-Speech file.

8. Open Finder and go to your user => Music => iTunes => iTunes Music => Unknown Artist => Unknown Artist and move the song into the root of the “Music” folder underneath your user.

9. Change the file extension from .m4a to .m4r and import the ringtone back into iTunes.

10. Sync your iPhone with iTunes and enjoy your Text-To-Speech ringtones.

As an experienced technical person I am not afraid to admit when I don’t know something. But, I also have the confidence and determination to say that I can/will figure something out. Well, one of my personal projects that was half-finished was the setup of a functioning IPCop proxy with a working OpenVPN connection.

I wanted to install the most recent version of IPCop that was available for download. But, I needed the ability to use the IPCop server as a VPN server as well. It turns out if you edit the install bash script for ZERINA and comment out the version check below you are able to install ZERINA(OpenVPN) on any version of IPCop that you would like.

#if [ ! "`echo $IPCOPVERSION | grep "1.4.15"`" ] ; then
#  echo
#  echo “ERROR: This ZERINA addon only works with IPCop 1.4.15!\n”
#  echo “Sorry. Please update your IPCop – visit www.ipcop.org!\n”
#       echo “”
#  exit 1
#fi

The next step after installing ZERINA (OpenVPN) for IPCop was ensuring my routing was correct. So I ran the command below to check my routes.

netstat -rn

I will not go into much detail here other than to say that OpenVPN has its own routes that it will add automatically once the OpenVPN server is enabled. These routes added by OpenVPN are listed below and will disappear if the OpenVPN server is disabled. The IP addresses below may vary depending on the IP range you entered for the VPN.

192.168.2.2       0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.2.0       192.168.2.2       255.255.255.0   UG        0 0          0 tun0

You will need to add custom routes that are not shown above in order to reach different subnets within your network. I have included the command below as an example to aid you.

route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.1 eth0

If you intend for your routes to exist after a reboot you need to add them to the end of the rc.netaddresses.up with is located in /etc/rc.d/rc.netaddresses.up. Each one of the routes below signify networks that need to be reached.

route add -net 192.168.3.0/24 gw 192.168.1.1
route add -net 192.168.4.0/24 gw 192.168.1.1

Once I had everything installed and ready to go I issued the VPN certificates, downloaded them off the IPCop/OpenVPN server and put them on my Mac. I was able to successfully connect to the VPN and reach the IPCop interface but I wasn’t able to reach anything else on the internal network. I happened to stumble across a command that was my saving grace.

iptables -t nat -A CUSTOMPOSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE

In order to avoid any confusion “CUSTOMPOSTROUTING” is suppose to be used literally in the command. You do not need to change it to an IP address. It is a way to identify unique custom added routes. Also, etho is ethernet zero as in the first interface available for use on this sever. The font is a little misleading.

I hope this helps someone in their efforts to understand how OpenVPN works. I believe my next step will be to attempt setting up my own OpenVPN server from scratch. I have done it many times in the past but never got the routing to work correctly. But, with the MASQUERADE command above I believe that I should be able to make it work correctly.

I use OSX DigitalColor Meter quite frequently for web development as well as image modification. I recently upgraded to OSX Lion on my Mac and I was rather frustrated to find that I wasn’t seeing the color in hex like I am accustom to. So, I purchased a $0.99 app from the App Store only to find that if I made an adjustment to the DigitalColor Meter installed by Apple that I could get the hex figures I was accustom to. In the DigitalColor Meter select “View => Display Values => as Hexadecimal” Once selected make sure that “Display native values” is selected in the drop down above the RGB values. Ignore “0x” that precedes the 2 digit hex values and voila you have your RGB 8-bit hex value back!

Just updated to the iOS5 GM release and my Personal Hotspot was missing. Apparently to re-enable it go to Settings => General => Reset => Reset Network Setting. Follow that up by rebooting you phone. Then you are back up and running.

I am in the I.T. field (just in case you didn’t know) and we have a proxy in place to prevent our computers from being damaged by viruses and other potential threats to our network. I was asked to make a couple of websites available for viewing. But, I didn’t want to do that with out finding out if they contained malware, spyware, or viruses. I go searching and I find Google Safe Browsing Check which allows me to enter the site name and it finds out if it is harmful or not. If you copy and paste http://www.google.com/safebrowsing/diagnostic?site=www.website.com and replace “www.website.com” with the website you want to check it will test it and give you the results. I don’t recommend using only the Google scanner but it is at least a good start and it’s free!