Archive

Archive for August, 2009

Fortran EBooks

August 29th, 2009 No comments

在国内的“编程爱好者论坛”里找到的链接。里面有不少关于Fortran编程的好书。大家有需要的去看看吧: Fortran Ebooks 下载

Categories: Uncategorized Tags: ,

USB on Asus Wl500g Premium v2

August 26th, 2009 No comments

Enable USB Support from DD-WRT Web Interface
The first step is to enable USB support from the DD-WRT web interface. Open your favorite web browser and type “http://192.168.1.1” in the address bar and hit “Enter“. Once you log into the DD-WRT control panel, select “Services” -> “USB“. Enable the USB supports that you need. Then hit “Save” and “Apply Settings” buttons on the bottom. The router will reboot.

DD-WRT USB Support

Prepare USB Flash Drive
I used the open-sourced GParted to partition and format my USB flash drive. Initially I planned to make two partitions on my USB drive: one swap partition and one ext2 partition. After some reading, I found that making a swap partition on USB flash drives is not a good idea. So I eventually made two partitions on my USB drive and formated them as ext2 file system.

Install Ext2 Module
The DD-WRT firmware (dd-wrt.v24-12714_NEWD_mini_usb.bin) I uploaded to my Asus Wl500gP2 router supports fat, vfat, ext3 file systems out of the box. However, it doesn’t support the ext2 file system. Therefore, I need to install an ext2 module on the router. You can check if your firmware supports the ext2 file system by issuing lsmod command and checking if ext2 is listed as a loaded module.

To install ext2 module, use the following command:

ipkg install kmod-ext2

Now use lsmod command to see if ext2 is loaded.

Enable JFFS from DD-WRT Web Interface
Again open your favorite web browser and log into the router’s DD-WRT control panel.

  • Under “Administration” -> “Management“: Enable JFFS2 and Clean JFFS2.
  • Save” and then “Apply Settings“.
  • Reboot the router.

Mount USB Flash Drive

  • Insert your partitioned and formatted USB drive into an available USB port and restart the router to force detection.
  • Check the /dev tree to see if your USB device was detected:
    root@DD-WRT:~# find /dev/scsi
    /dev/scsi
    /dev/scsi/host0
    /dev/scsi/host0/bus0
    /dev/scsi/host0/bus0/target0
    /dev/scsi/host0/bus0/target0/lun0
    /dev/scsi/host0/bus0/target0/lun0/disc
    /dev/scsi/host0/bus0/target0/lun0/part1
    /dev/scsi/host0/bus0/target0/lun0/part2
  • You will see a partN entry for each detected partition. Use following commands to verify that they can be mounted and written to:

    cd/
    mount -o noatime,nodiratime /dev/scsi/host0/bus0/target0/lun0/part1 /mnt
    echo HELLOWORLD > /mnt/readme
    umount /mnt
  • The above steps should complete without error. Repeat for all partitions.
  • The noatime mount option disables the file system from automatically updating the last accessed time stamp, a common tactic to reduce writes on flash media.
  • The nodiratime mount option disables the file system from automatically updating the directory last accessed time stamp, also a common tactic to reduce writes on flash media.

Automatically Mount USB Flash Drive

  • You can now set them to mount automatically at boot by adding commands to a usb.startup script:

    mkdir -p /jffs/etc/config
    echo "mount -o noatime,nodiratime /dev/scsi/host0/bus0/target0/lun0/part1 /mnt" > /jffs/etc/config/usb.startup
    echo "mount -o noatime,nodiratime /dev/scsi/host0/bus0/target0/lun0/part2 /mmc" >> /jffs/etc/config/usb.startup
    chmod +x /jffs/etc/config/usb.startup
  • The contents of usb.startup will be executed automatically at boot, there is nothing you have to do to enable this, other than create the file and give it execute permissions (shown above).
  • Reboot the router and verify that the partitions mount automatically by running the mount command:

    root@DD-WRT:~# mount | grep -i part
    /dev/scsi/host0/bus0/target0/lun0/part1 on /mmc type ext3 (rw,noatime,nodiratime)
    /dev/scsi/host0/bus0/target0/lun0/part2 on /mnt type ext3 (rw,noatime,nodiratime)

Reference
DD-WRT: USB on ASUS WL500g Premium v2

Categories: Tips and Tricks Tags: ,

Flash Asus Wl500g Premium v2 to DD-WRT

August 24th, 2009 No comments

Legal Stuff First
Flashing the firmware of your router is done at your own risk. There are NO warranties.

Before Flashing

  • Download the correct version of the DD-WRT firmware for your router from DD-WRT Download Page. I needed USB support out of the box so I chose eko’s latest firmware (dd-wrt.v24-12714_NEWD_mini_usb.bin).
  • Temporarily disable your firewall, PeerGuardian and other such software that can interfere with the flashing processes (like Firmware Restoration Tool/Device Discovery).
  • Disable all but one network interfaces on your PC. This is nessesary because Asus Firmware Restoration Tool is not very intelligent in finding the correct interface to use for communicating with the router.
  • Configure Windows TCP/IP networking to have a static IP address 192.168.1.10.
  • Allways use a wired connection to upload the firmware. Do NOT use wireless connection.

Flashing
Although flashing firmware through the web interface is the preferred method, it didn’t work for me. I had to upload the DD-WRT firmware using Asus Firmware Restoration Tool. This needs the following steps:

  • Do a 30/30/30 reset on the router.
  • [Asus routers only] Power cycle the router to get out of the recovery mode.
  • Disconnect the router’s power cable.
  • Press the “Restore” button on the back of the router.
  • Keep pressing the “Restore” button while plugging in the power cable again.
  • Keep pressing the “Restore” button until the “Power” LED starts flashing slowly.
  • Start Asus Firmware Restoration Tool on your PC (You can find this tool on the CD or download it from the Asus website).
  • Select the correct firmware file you want to upload. Double check to make sure it’s the correct one!
  • Press “Upload” button and wait.
  • Once the firmware flashing process has completed, wait for at least three minutes for the firmware to write information to the nvram.

After Flashing

  • Do a power cycle of the router. Unplug the power cord, count to 30 and plug it back in.
  • Wait for the lights to return to normal. This usually takes about two minutes.
  • Do another 30/30/30 reset on the router.
  • [Asus routers only] Power cycle the router to get out of the recovery mode.
  • Reconfigure the router using the web interface. Do not restore your old settings by uploading an old configuration file, especially when there’s a big version difference between the old and the new firmware. Your router might become very unstable if you do that!

Reference
Styno, Firmware Updating Howto.

Categories: Tips and Tricks Tags: ,

Apply a Template to Existing Presentation in PowerPoint 2007

August 17th, 2009 No comments
  1. Click “Design” tab -> Click the arrow next to the theme gallery so the gallery opens.

    Click Theme Option
  2. Select “Browse for Themes …

    Click Browse Themes ...
  3. Change the file type to “All files” and navigate to your .pot file. Or leave the file type as it is, and navigate to a .thmx, (.potx, .pptx, or .ppsx, etc.) file.
  4. Clicke “OK” to apply the template.

Create a Widescreen Presentation in PowerPoint 2007

August 16th, 2009 No comments

Since widescreen displays are popping up everywhere, sometimes you may need to show a presentation in some widescreen monitors. Using widescreens for presentation display is a great way to use all the available pixels on these new screens around us. In PowerPoint 2007, setting up widescreen presentation is easier than ever, just follow these steps:

  1. Click “Design” Tab -> go to “Page Setup” group -> click “Page Setup” -> go to the pop-up “Page Setup” dialog.

    Page Setup
  2. Click the drop down list called “Slides Sized For” -> Pick one from the two new options for widescreen: “On-screen Show (16:9)” or “On-screen Show (16:10)“.

    Slide Size

[ Note: you should set up your slides to widescreen before you create contents. If you change from standard to widescreen after you have content on your slides, many objects like texts and images will be stretched wider and distort their appearance. ]

Fail2Ban – Preventing Brute Force SSH

August 9th, 2009 No comments

[ Note: This article is copied directly from UNI Debian Page. ]

Fail2ban is used to combat brute force SSH attacks. It does this by watching the log files for invalid logins by specific IPs under a certain amount of time and then using iptables to ban them.

[Configure Fail2Ban]

Fail2ban is automatically configured for the most part. However, little items need to be tweaked. /etc/fail2ban/fail2ban.conf is responsible for general settings for fail2ban, such as what log to append to. More specific settings can be changed in /etc/fail2ban/jail.conf. However, it’s recommended that this file not be directly changed. Instead, make a copy to jail.local (cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local) and the local file will override the .conf one.

First, find ignoreip. It’s always important for you to have a way in! These are IPs are fail2ban will ignore – IPs listed here can always have invalid login attempts and still not be blocked. In my file, I’m putting down the network ranges for my internal network (192.168.1.0/24) as well as one other trusted IP address of a machine that I will be able to SSH into if need be. These need to be space separated! If they are not, fail2ban won’t block anyone.

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 192.168.1.0/24 X.X.X.X

Default options are listed somewhere near the top of the file. Although there are specific filters specified further down, these default options will take effect unless override in the specific filters. bantime specifies how long an IP address sits in “time out” before it is allowed to attempt to log in again. The default of 600 seconds (10 minutes) is probably fine.

Individual filters are specified with brackets surrounding the filter’s name. By default, only [ssh] is active. Notice this filter has a higher maxretry than specified in the default above. Maxretry specifies the number of times an IP address can attempt to log in before being banned. I changed mine down to 3.

[ssh]
enabled = true
port    = ssh
filter  = sshd
logpath  = /var/log/auth.log
maxretry = 3

After making changes to any files, restart fail2ban with:

/etc/init.d/fail2ban restart.

[ Oops!… Unblocking Blocked IPs]

Fail2ban timesout are only temporary. Still, it’s important to know how to unblock an IP address once fail2ban has started blocking it. If you do iptables -L, you’ll see all the IPs currently blocked:

root@pbx:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            tcp dpt:ssh
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain fail2ban-ssh (1 references)
target     prot opt source               destination
DROP       0    --  lucient.rootmypc.net  anywhere
RETURN     0    --  anywhere             anywhere

Notice lucient.rootmypc.net is currently being blocked here. Rather than waiting ten minutes for it to be unblocked, you can tell iptables to drop that rule. The syntax is iptables -D <rulename> <rule line>. To unblock lucient.rootmypc.net, I issued

root@pbx:/etc/fail2ban# iptables -D fail2ban-ssh 1

Entering iptables -L again should show that that rule is now gone, and that IP address is again allowed to SSH in (at least until they try to log in incorrectly the magic number of times again).

Categories: Linux, Tips and Tricks Tags:

Google Voice + Asterisk + SipGate DID = Free USA VOIP Service

August 8th, 2009 No comments

This detailed, newbie friendly tutorial was originally written by MrMuffin from slickdeals.net forum. So full credit goes to MrMuffin. However, I made several minor changes that I found necessary for my setup to work.

[Some Basic Terminology]

  • PBX

    PBX is short for Private Brach Exchange. It is a private telephone network commonly used in businesses. It is what lets them have extensions, voicemail, features such as call forwarding, call transfer, conference calling, etc. It manages the entire phone system.

  • Asterisk, FreePBX, PBX in a Flash

    Asterisk is a free, open source, software PBX. You install it in Linux. It is not very user friendly as it uses text files for all of its configuration.

    FreePBX is Asterisk but bundled with a nice web user interface for managing it. It is much more user friendly. This can be installing in a Linux installation.

    PBX in a Flash (PiaF) is actually an entire Linux installation. It installs Linux for you first, then FreePBX inside of that. It is the easiest method and what I will use for this tutorial.

  • VMWare

    VMWare Server is a piece of free software that lets you run a virtual machine (VM) within a computer. For our purposes, it will let us run Linux (and FreePBX) inside of Windows.

    This tutorial uses VMWare Server for Windows. If you do not want to use VMWare and wish to install PBX in a Flash on its own computer, please skip all the VMWare steps.

[Getting and Installing VMWare Server]

  1. Go to http://www.vmware.com/download/server/.
  2. VMWare Server is free, but they require you to register to get a product key and to download. Register and download the software for Windows, which is a 507mb exe file. Make sure you save your product key somewhere safe.
  3. Once the file is done downloading, run it and install VMWare Server with all default options.
  4. Put in your product key at the end of the install, then reboot your PC!

[Getting and Installing PBX in a Flash]

  1. Download http://nerdvittles.simplevoip.info/1.4-32/pbxinaflash.iso.
  2. Move the above file into C:\Virtual Machines\. This directory should have been created by VMWare Server when it was installed.
  3. Download and extract this zip file to the same directory as above: http://pbxinaflash.net/pbxinaflash.zip.
  4. Open Firefox and go to http://127.0.0.1:8222.
  5. You should be able to log in with any Windows user/password combination. If you do not have a password set on your Windows account I do not know if it will take blank passwords. Set a password on your Windows account and try to login here again.
  6. This is the VMWare Server web interface. On the toolbar at the top click “Virtual Machine->Add Virtual Machine to Inventory” In the “Inventory” column click on “standard”. Now in the “contents” column you should see “PBX-in-a-Flash.vmx”. Click on this and click “OK” at the bottom.
  7. On the right side there should be a little box called “Commands”. You should see “Edit Virtual Machine Startup/Shutdown” in blue. Click on this. In this new box that opened, check “Allow virtual machines to start and stop automatically with the system”. At the bottom click on “PBX-in-a-Flash” so that the entire row turns blue. On the right click on “Move Up”. The entire row should move up so that it is under the “Any Order” section. Click “OK”.
  8. Find the “Console” tab in the middle and click on it. You will get a message about the VMWare remote console plugin not being installed. Click “Install Plug-In” in orange. A bar will appear in Firefox at the top saying “Firefox prevented this site…blah blah”. Click on the “Allow” button. Click “Install”. Restart Firefox when prompted. You may or may not have to log back into VMWare’s web interace. Once you are back at the Console there should be a large white triangle in the center of it.
  9. Click the triangle to power on the virtual machine. Click the console a second time to open the virtual machine’s video in a new window. The virtual machine will automatically boot from the CD. You may have to click inside of this window to be able to type. To release your mouse and keyboard from this window hold CTRL+ALT. Again, click in the window to type, CTRL+ALT to release.
  10. At the prompt type “ksalt” and press enter. “US” is selected as the default on the next page, tab over and hit enter on “OK”. Select your timezone and tab over and press enter on “OK”. Enter a password twice here. DO NOT FORGET IT. Tab to “OK”.
  11. Pizza break while this installs.

[FreePBX Installation]

  1. When the setup is complete, linux (CentOS 5) will boot for the first time. After it boots you will be presented with options A, B, C and Q. Press “A” on your keyboard. This will initial the download and installation of FreePBX inside of your new linux virtual machine. Time for some more pizza, this takes a while too.
  2. Once this completes, the system will reboot and you will be presented with a pbx login. Put in “root” as the login and the password you entered twice during setup.
  3. Once logged in, type “update-scripts” and press enter. Read what this next screen says and press enter. Same thing on the next screen. On the third screen read what it says and press “Y”. Once this completes you will see a message that says “You really need to run update-fixes NOW!”. If you do not get this message something went wrong so just run “update-scripts” again and follow the directions.
  4. Now type “update-fixes” and press enter. Read what this says and press “Y”. Now just wait and the next screen will continue automatically. After this completes it prompts you for a password. Put in the same as your root password and press enter. Do it again and press enter. Press “N” when asked about the log file.
  5. Now at this point I highly recommend that you set up the linux installation with a static ip. It will make things easier. If have no idea what a static ip is, then perform step 5a). If you want to configure a static ip, go to step 5b).

    a) Type “ifconfig” and press enter. You will get a bunch of confusing information. Find “eth0” in the top left corner. Look on the second line beneath that and find “inet addr:”. Write down IP address after the colon. It will be 4 numbers seperated by periods. Continue to step 6.

    b) Type “netconfig” and press enter. Press enter on “yes”. Tab down to the IP address field and put in the static ip you want to assign. Tab down through all the fields and put in your specific information. I cannot help you with this as it is specific to each network. Tab to “OK” and press enter when done. Back at the command prompt type “service network restart”. This applies the new static ip.

  6. Open a new tab in Firefox and browse to http://ip.of.pbx/admin <--insert either the number from the last step. Either from ifconfig or whatever you configured as a static ip. The user/password is maint/password, respectively. This brings up the FreePBX configuration page. This is the easy part!

[SipGate Signup]

  1. Open a new tab in Firefox. Go to http://www.sipgate.com/. Click “Sign Up” on the toolbar. Select “I am a residential user”. Fill out the form and click the “Sign up now” button at the bottom.
  2. Check your email and click on the link from SipGate. This page will generate a phone number for you, probably with area code 415. Get a sheet of paper and write the following at the top: “SipGate Info”. Underneath that write “SipGate Phone #” and next to that put the 415 number you were just given. Click “Proceed with the selected number”, then “Proceed with the next step”, then “Skip this step”, then lastly “Proceed to account”. You will be at a very email-like inbox.
  3. Click “Settings” in the top right corner. You will be taken to a page that has a small picture of a phone and underneath it says “Phone of ” Place your mouse on this phone image and on the menu that appears, click “SIP Credentials”. Get your “SipGate info” paper and write down the SIP-ID and the SIP-Password, we will need them later.
  4. You can totally close the SipGate site now, so just close this tab and return to the FreePBX webmin.

[FreePBX Configuration]

  1. On the left toolbar click “Module Admin”. Now click “Check for updates Online”. Now click “Upgrade All” and then “Process”. Click “Confirm” on this page. An orange box pops up and it starts updating the modules. Scroll down inside of this orange box and click on “Return” when it appears. You will be returned to Module Administration where you need to click on “Check for updates online” again. Click on “Download All” and then “Process”. Click “confirm” on this page again, the orange box re-appears and performs the install. Scrolls to the bottom of the orange box and click “Return” when it appears.
  2. At the top of the page you will see “Apply Configuration Changes” with an orange background. Click this and choose “continue with reload”. We will have to do this often, so know to perform these steps when I say to “reload configuration”.
  3. On the left toolbar, near the bottom click on “Parking Lot”.
    * Check “Enable Parking Lot”.
    * Change the “Number of Slots” to 5.
    * Change the “timeout” to 30.
    * Click the radio button for “Terminate Call”. Make sure it says “Busy” in the dropdown.
    * Leave everything else at defaults and click “Submit Changes”.
    * Reload.
  4. At the top of the left toolbar click “Tools”. Click on “Custom Destinations”.
    * For “Custom Destination” enter “custom-park,s,1”.
    * For “Description” enter “Custom GV-Park”.
    * Click “Submit Changes”.
    * Reload.
  5. At the top of the left toolbar click “Setup”. Click “Extensions”.
    * Leave as “Generic SIP Device” and click “Submit”.
    * For “User Extension” enter “221”.
    * For “Display Name” enter “Home”.
    * For “secret” put in a simple password and remember it for later.
    * Leave everything else as default and click “Submit”.
    * Reload.
  6. Click “Trunks” on the left toolbar. There is probably a link on the right that says “Trunk ZAP/g0”. Click this and delete it. You return to “Add a trunk”. Click “Add Custom Trunk”.
    * For “Outbound Caller ID” enter your google voice number.
    * For “Custom Dial String” enter “local/$OUTNUM$@custom-gv”.
    * Click “Submit Changes”.
    * Reload.
  7. You should be back at “Add a Trunk”. Click “Add SIP Trunk”.
    * For “Outbound Caller ID” enter your google voice number again.
    * For “Trunk Name” enter “SipGate Truck”.
    * In the large “PEER Details” area paste the following, but we will have to modify it to suit you:

    host=sipgate.com
    username=3115051e0
    secret=A4JXD3
    type=peer
    fromdomain=sipgate.com
    fromuser=3115051e0
    disallow=all
    allow=alaw&ulaw&gsm&g729
    context=from-trunk
    insecure=invite
    caninvite=no
    canreinvite=no
    nat=yes

    * Get out the “SipGate Info” sheet of paper I had you write all that info on. Change “username” and “fromuser” to the “SIP-ID”. It will be in the same format, 7 numbers followed by e0. Change “secret” to the “SIP-Password” you wrote down. It will also be 6 characters, numbers and letters.

    * In the large “USER Details” area paste the following. Again, change “fromuser” and “secret” to your “SIP-ID” and “SIP-Password”.

    type=user
    context=from-trunk
    fromuser=3115051e0
    secret=A4JXD3

    * For “Register String” enter:

    3115051e0:A4JXD3@sipgate.com/4157286154

    * Modify this with the details from your “SIP Info” paper. The format is “sipid:sippass@sipgate.com/sipgatephonenumber”.

    Click “Submit Changes” and reload.

  8. Click “Outbound Routes” on the left toolbar. There is probably a link on the right that says “0 9_outside”. Click this and delete it. You return to the Add Route page.
    * Name this route “GoogleVoice”.
    * For “Dial Pattern” enter “NXXNXXXXXX”.
    * For “Trunk Sequence” select from the first dropdown “local/$OUTNUM$@custom-gv”.
    * Click “Submit Changes”.
    * Reload.
  9. Click “Inbound Routes” on the left toolbar. It will bring up a page to add an incoming route:
    * Description: GV-Ringback.
    * DID Number: gv-incoming.
    * Caller ID Number: BLANK.
    * Scroll to the bottom and click the radio button next to “Extensions” and make sure “<221> Home” is selected in the dropdown.
    * Click “Submit”.
    * Reload.
  10. On the top right click “Add Incoming Route”. This is the same step as #7 but with different settings:
    * Description: Regular Incoming Calls.
    * DID Number: BLANK.
    * Caller ID Number: BLANK.
    * Scroll to the bottom and click the radio button next to “Custom Destinations” and make sure “Custom GV-Park” is selected in the dropdown.
    * Click “Submit”.
    * Reload.

[Installing Google Voice Script]

  1. You should have the VMWare PBX-in-a-Flash remote console still running. Bring it up. The screen may be black, so just click on it then press escape. If you no longer have it up, go back in the tutorial and find the instructions for logging into the VMWare Server web interface and bringing up the remote console then continue here.
  2. Enter the following commands, one by one, each line followed by the enter key
    cd ~
    wget http://www.muffinworld.net/freepbx/install-gv-new
    chmod +x install-gv-new
    ./install-gv-new

    Answer the questions about your google voice.
    The last two questions are confusing:

    “11 digit ringback DID”. This is your SipGate phone number, so enter the entire 10 digit number, with a 1 at the front. Example: 14157286154.

    “Parking Lot Magic Number” is “75”.

    After you have entered all the info press enter to continue with the installation.

  3. Once installation is complete type in this command followed by enter:
    /var/lib/asterisk/bin/module_admin reload

[ATA Configuration]

Access the configuration for your particular ATA. Here are some generic settings:

Port: 5060
Proxy: <ip-of-linux-vm> (either static or the one you wrote down)
User: 221
Pass: <somepass> (this was the "secret" you entered when creating extension 221)
Use AuthID: yes
AuthID: 221

This is all I had to enter on my Linksys PAP2-NA to get it to connect to asterisk as extension 221.

You should now be able to call the SipGate 415 number from any phone and asterisk should ring your ATA and any phone connected to it. If you go to google.com/voice and add the 415 and enable forwarding to it, all calls to your GV # will ring through to your ATA. Make sure to disable Call Screening and Call Presentation in the GV settings. Also make sure Caller ID is set to “Display caller’s number”.

That’s it. Enjoy.