2011
12.30

watch --differences --interval 3 'df; ls -FlAt;'

2011
12.18

LINUX
Create a new NTFS (type 7 in Linux) partition and set it as bootable. Then simply copy the contents of your Windows 2008 ISO to the drive and create a Windows-compatible MBR on the USB boot drive.

# cfdisk /dev/sdx
# mkfs.ntfs -f /dev/sdx1
# mount -o loop win2008.iso /mnt/iso
# mount /dev/sdx1 /mnt/usb
# cp -r /mnt/iso/* /mnt/usb/
# lilo -M /dev/sdx mbr

WINDOWS
I copied the Windows instructions from the following website: http://bramp.net/blog/create-bootable-windows-server-2008-usb-stick I had a look at these instructions first, before I was able to replicate the process under Linux and produce the instructions above. I have included the Windows instructions here for completeness.

Select the USB device from the list and substitute the disk number below when necessary. In this example Y:\ is my mounted image or physical DVD and X:\ is my USB device.

C:\> diskpart
DISKPART> list disk
DISKPART> select disk x
DISKPART> clean
DISKPART> create partition primary
DISKPART> select partition x
DISKPART> active
DISKPART> format fs=fat32
DISKPART> assign
DISKPART> exit
C:\> xcopy Y:\*.* /s/e/f X:\

2011
12.17

By design, routers do not forward broadcast packets, for a number of reasons, but instead create separate broadcast domains. But what if you do want to forward certain broadcast packets between different VLANs or physical networks?

I rely on a lot of different remote management tools to administer the servers in my loft remotely. One of these tools is remote Wake-on-LAN. In order to forward WoL packets between networks you can use the ip-helper address command on Cisco routers.

On the router where the WoL packets will originate from, we tell the router to allow forwarding of UDP packets on port 9. (This is the discard port that WoL packets use.) Then under the interface where the WoL packets will originate from, we tell the router where to forward the packets to.

R1(config)# ip forward-protocol udp 9
R1(config-if)# ip helper-address 192.168.1.255

Now all we need to do is create an access list on the other router to allow the forwarded broadcast messages, otherwise you could open yourself up to a possible Smurf DoS attack. Then we tell the router on which interfaces we will allow the forwarded broadcast messages to be received.

R2(config)# access-list 101 permit udp 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255 eq 9
R2(config-if)# ip directed-broadcast 101
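To see what access list 101 lets through as a directed broadcast, here is an added example (not from the original post, and not Cisco code) that models the ACL's wildcard matching and the implicit deny, and checks that a UDP payload really is a WoL magic packet. The sample packets and the MAC address used in testing are constructed.

```python
import ipaddress

# ACL 101 from the post: (action, proto, src, src wildcard, dst, dst wildcard, dst port)
ACL_101 = [
    ("permit", "udp", "192.168.0.0", "0.0.0.255", "192.168.1.0", "0.0.0.255", 9),
]

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard mask are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def evaluate(acl, proto, src, dst, dport):
    """First matching entry wins; anything unmatched hits the implicit deny."""
    for action, p, s, sw, d, dw, port in acl:
        if (p == proto and wildcard_match(src, s, sw)
                and wildcard_match(dst, d, dw) and port == dport):
            return action
    return "deny"

def magic_packet(mac):
    """WoL payload: 6 bytes of 0xFF followed by the target MAC repeated 16 times."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC must be 6 bytes")
    return b"\xff" * 6 + raw * 16

def is_magic_packet(payload):
    """True if a UDP payload has the WoL structure (for inspecting port 9 traffic)."""
    return (len(payload) >= 102 and payload[:6] == b"\xff" * 6
            and payload[6:102] == payload[6:12] * 16)

# Constructed sample traffic reaching R2, addressed to the 192.168.1.0/24 broadcast.
SAMPLES = [
    ("udp", "192.168.0.10", "192.168.1.255", 9),      # WoL from the permitted network
    ("udp", "192.168.0.10", "192.168.1.255", 7),      # right source, wrong port
    ("icmp", "203.0.113.5", "192.168.1.255", None),   # ICMP to the broadcast address
    ("udp", "10.9.9.9", "192.168.1.255", 9),          # right port, wrong source network
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(ACL_101, *pkt))
```

Only the first sample is permitted; everything else falls through to the implicit deny, which is what keeps the directed broadcast from being usable for anything other than WoL from 192.168.0.0/24.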

2011
12.17

Well, this year Christmas has come early for me. I recently bought a new server from eBay which I have just gotten around to racking up in the homecomputerlab today.

It’s another ITX form factor server based on the VIA-EPIA chipset which I am now well familiar with. This particular model however, is the VIA-EPIA PD Series which comes with 2x FastEthernet NICs and 4x Serial COM ports which, when combined with its low noise and low power consumption, makes it the perfect platform to deploy as an opensource firewall/proxy/content filter server as well as a console server for my Cisco Lab.

I have played with both pfSense and Untangle as virtual machines in a sandbox environment in the past, but I am looking forward to seeing how they perform on the VIA-EPIA baremetal hardware and also in a real world environment. Something else that I’ve had a look into and would be interested in playing with is a Dual Firewall DMZ, but that will have to come later, much later, baby steps first :)

VIA EPIA PD Manual

2011
12.08

Schedule Server Reboot

Windows:
schtasks /create /tn "Reboot" /tr "shutdown /r /t 1" /sc once /st HH:MM:ss /sd dd/mm/yyyy /ru "System"

Linux:
sudo shutdown -r HH:MM

2011
12.08

sed -i 's/old-word/new-word/g' /home/user/docs/*

2011
12.08

After I got my (new) 2nd ADSL line installed, I noticed my Cisco 877 Router would constantly drop its internet connection and often not be able to reconnect to the internet again for extended periods of time. I plugged in the cheap generic router originally shipped by my provider to troubleshoot the problem and sure enough the connection came up first time and stayed up for a full day and a half before I was satisfied that the problem was definitely an issue with my Cisco Router.

My first port of call was to run a debug on the router to try and narrow down the issue:
Don’t forget the ‘terminal monitor’ command if you are running your debug from a remote session.
debug atm events

After a quick Google search of the error I was receiving and a speed read through the Cisco website, the problem seemed to be an issue with the Alcatel DSL chipset, and the recommended resolution was a quick firmware update for the chipset, not to be confused with an IOS upgrade. To get my current DSL chipset firmware version I needed to issue the following command, which confirmed my suspicions of the out of date firmware.
show dsl int ATM 0
It was then just a simple matter of downloading the new updated firmware file from the Cisco website ftp://ftp.cisco.com/pub/access/800/ and copying the adsl_alc_20190.bin file to my router.
copy tftp: flash:
reload
The result? My connection is now rock solid and I’m currently sitting on ~2 weeks uptime – not too shabby for an ADSL circuit! I also noticed that my connection syncs are slightly higher than before, so overall a win-win, and it is probably a good idea to update your chipset firmware whether your connection is dropping out or not, if anything for the higher sync rates.

2011
12.06

Since I’m constantly moving large files around my network which seem to take forever on my ancient Laptop that only supports wireless b/g, I decided to invest in an Edimax EN-7811Un Wireless N adapter to take advantage of my Wireless N capable Cisco887W Router. Unfortunately however, I quickly discovered that Ubuntu 10.04 does not natively support the Edimax wireless device even running the latest 10.04 Kernel 2.6.32-36 (as of 05-12-2011) and I would need to manually install the Linux driver myself.

The first thing you will need to do, is identify your current built-in wireless device (if any):
lspci -k    # take note of the module being used
There is an excellent guide located here which you can use to help identify your hardware and corresponding driver modules if you need help:
http://www.cyberciti.biz/tips/linux-find-supported-pci-hardware-drivers.html

Then you will need to disable/blacklist the module from being loaded:
sudo nano /etc/modprobe.d/blacklist.conf
# Blacklist built-in wifi (substitute your own module name)
blacklist ipw2200

Then install the drivers:
sudo apt-get install build-essential
cd to extracted drivers directory
make
sudo make install
sudo modprobe 8192cu

Whenever an updated kernel is installed, you will need to rebuild the driver module again from source for the new kernel.
cd to extracted drivers directory
make clean
make
sudo make install
sudo modprobe 8192cu

2011
12.06

I had an issue today with a Linux box we shipped to an international office that uses a separate domain name to our Head Office. We enabled zone transfers on the local DNS servers in order to give access to the required services, however we still needed to tell the Linux box which domain names to append whilst performing the name lookups and once that was done we needed to write protect the /etc/resolv.conf file so that the changes would not be overwritten after the next reboot. The necessary config options were as follows:

  • domain – The local domain name
  • search – The domains to search (domain suffix to append)
  • nameserver – The name lookup servers to use

cat /etc/resolv.conf
domain localdomain.com
search localdomain.com seconddomain.com
nameserver 192.168.0.254
nameserver 192.168.0.253
nameserver 4.2.2.2

Once all changes have been made and you would like to write protect the /etc/resolv.conf file from any changes being made, you can do so with the following command:
sudo chattr +i /etc/resolv.conf
To remove the write protection, the command is as follows:
sudo chattr -i /etc/resolv.conf
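Since the file is about to be made immutable, it is worth checking what the resolver will actually use from it first. This added example (not from the original post) applies the rules from resolv.conf(5): 'domain' and 'search' are mutually exclusive and the last instance wins, and at most three nameserver lines are read. The two sample files are constructed from the domains and addresses above, with 4.2.2.1 added as a fourth nameserver for illustration.

```python
MAXNS = 3  # glibc reads at most three nameserver lines

def effective_config(text):
    """Reduce resolv.conf text to what the glibc resolver will actually use."""
    search, servers, overridden, dropped = [], [], [], []
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":   # blank line or comment
            continue
        key, args = fields[0], fields[1:]
        if key in ("domain", "search") and args:
            if search:
                overridden.append(" ".join(search))  # the earlier line loses
            # 'domain' acts as a one-entry search list; the last line wins
            search = args[:1] if key == "domain" else args
        elif key == "nameserver" and args:
            (servers if len(servers) < MAXNS else dropped).append(args[0])
    return {"search": search, "nameservers": servers,
            "overridden": overridden, "dropped_nameservers": dropped}

# Constructed sample: one 'search' line per domain.
REPEATED_SEARCH = """\
domain localdomain.com
search localdomain.com
search seconddomain.com
nameserver 192.168.0.254
nameserver 192.168.0.253
nameserver 4.2.2.2
"""

# Constructed sample: both domains on one 'search' line, plus a fourth nameserver.
SINGLE_SEARCH = """\
search localdomain.com seconddomain.com
nameserver 192.168.0.254
nameserver 192.168.0.253
nameserver 4.2.2.2
nameserver 4.2.2.1
"""

if __name__ == "__main__":
    for name, text in (("repeated", REPEATED_SEARCH), ("single", SINGLE_SEARCH)):
        print(name, effective_config(text))
```

With repeated search lines only seconddomain.com is appended to short names; with a single line both domains are tried in order, and the fourth nameserver is never queried.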

2011
11.23

I recently had a 2nd internet line installed at home for my homecomputerlab which I am quite excited about because it means I can finally start working on a few projects I’ve been wanting to do for a while.

Although I will be unable to offer any meaningful kind of SLA’s, I should hopefully be able to start doing some proper web hosting for a few friends I have spoken to in the past and also hopefully a charity or two; my Grandmother runs an animal rescue shelter in South Africa!

The other thing I’d like to do is get my postfix email server back online, although I will probably end up doing a fresh install. I get embarrassed sometimes giving out a @hotmail address. I guess it could be worse, it could be an @aol account :)

Besides that, there’s a few routing protocols I’d like to play with as well as configure a site to site VPN from a static IP address to a dynamic IP address, now that I finally have a static IP!

Here is the latest pic of the homecomputerlab which has grown somewhat since my last post.