• Search



• Recently Written

  • A Root Shell On Ubuntu : The Right Way
  • Why ufw Does Not Need A GUI
  • Install VMware Server 1.0.5 on Ubuntu 8.04 “Hardy”
  • “Ubuntu on the EeePC” : OpenWeek Presentation Went Well
  • Follow My MOTU Journey…
  • Packaging 101 A Success At Ubuntu OpenWeek
  • Extended Display on the MacBook (with xorg.conf) : Ubuntu 8.04
  • Presenting At Ubuntu OpenWeek - Ubuntu on the EeePC
  • Ubuntu 8.04 “Hardy” Rocks My Servers Socks!
  • This Site Will Be Upgrading To Ubuntu 8.04 Server Today

• Categories

  • automatix
  • Big Brother
  • c0de
  • Community
  • Compiz/Beryl
  • Dapper/nVidia
  • Development
  • Dvorak
  • EeePC
  • EMail
  • Folding
  • FOSS
  • Games
  • GNOME
  • Hardware
  • Installation
  • Instant Messenger
  • Internet
  • KDE
  • Linux
  • macbook
  • Media
  • News
  • nVidia
  • origami
  • Privacy
  • Questions
  • Randomness
  • Security
  • Server
  • Testing
  • Ubuntu
  • Upgrade
  • virtualization
  • Web Development
  • Wordpress

• Archives

  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006

• Admin

  • Log in
  • Wordpress
  • XHTML

update: I have also found that prefetching is active in the Epiphany browser as well. The instructions to de-activate it are the same, see below.

I recently found out that Firefox has a feature called “prefetching” that tries to pre-download items that it suspects you might click on soon.  This could help in pre-downloading content that you would visit next (ie; it is linked on the page you are visiting therefore you might access it next), but it can also have the nasty negative effect of wasting your bandwidth on items you don’t ever want.  This can also download cookies from sites you haven’t visited, etc.  Seems like a nasty feature to me!

I also found that this prefetching feature will cause your connection to the ubuntuforums.org (and a few other sites) to be refused if you are also going through a squid proxy.  So, this is a quick suggestion on how you can disable prefetching in Firefox.

Disable Prefetching in Firefox

In your browsers address window enter the address:

about:config

This will pull up your browser settings (in FF3 it will warn you that there be dragons ahead!  Just accept the warning.)  You’ll now want to search for the following string, which you’ll toggle off:

network.prefetch-next

To toggle off this setting simple double-click the listing and it will set to false.  Prefetching items that you might download is now disabled.  Your machine will now kindly only download the content, cookies and images that you actually access directly.

I post tutorials very regularly on this site. You may want to consider subscribing to the RSS feed. Or if you'd prefer these tips sent to your inbox you can use Email Subscriptions.

I realized the other day that the flashplugin-nonfree package appears to be broken.  It’ll act like its installing but at the end, if you pay close attention, it’ll give an error about the md5sum not matching and give up.  This applies to installing the package manually or via the browser notification itself.  I wanted to post a temporary fix while we wait for the package to be updated.

Manually Install Adobe Flash

1. Download the Flash for Linux archive
2. Unpack the archive (/tmp perhaps)
3. sudo cp libflashplayer.so /usr/lib/firefox/plugins

Once you’ve copied the file Flash should be functional.  You may need to restart the browser if you run into performance problems.  Also note that these same steps work for installing flash for the Epiphany browser (yes, even placing them in the firefox folder).

If you still have the flashplugin-nonfree package installed this shouldn’t immediately conflict and my guess is that once there is an update it’ll seamlessly fall into place.  I don’t forsee any conflicts, but you’re welcome to correct me if I’m wrong.

I picked up an old Sun UltraSparc 10 this last week and I set it up yesterday with Ubuntu 6.06 Server. I think I’ll have it run my irssi/bitlbee server, and I was also thinking it could be my local DNS/DHCP server.. but this is where I get into unknown territory for my network. As long as I’ve had high-speed I’ve set a hardware router in place and have not had to deal with this. As the title suggests I’m thinking outloud with this post, mainly just looking for some feedback to make sense of how to put this together. Here is my current network setup.

Current Network Setup

I have DSL which comes in the DSL Modem which is configured with PPPoE transparency (I believe) so that the current router can submit the PPPoE login information. The current router (Netgear Wireless + switch) has the PPPoE information and acts as the DHCP/DNS. This then uses an out-port from the Wireless Router back to a Netgear 8 port 10/100/1000 switch, also daisy-chained to another identical switch which all the machines in the house are connected to. (No I don’t have 16 machines in my house, but I have LAN ports in each room for mobility).

DSL -> Wireless Router (DHCP/DNS/FIREWALL) -> Switch 1 & 2 -> machines

Attempted Network Setup

What I would like to do is remove the Wireless Router as the DNS/DHCP and simply use it as an access point. I would like to use one of my servers as the DNS/DHCP server and I suppose that would end up being the firewall as well. This new setup would then be something like:

DSL -> Sparc (DHCP/DNS/FIREWALL) -> Switch 1 & 2 -> Wireless Access Point & Machines

I have done a bit of reading regarding pppoeconf on Ubuntu and I have been able to set that up on the server. The problem was then that the Sparc machine could get out but nobody else could. I understand I’ll need to activate ip_forwarding on that machine and probably put together an iptables MASQUERADE rule, but what else do I need here?

ifconfig shows the PPP connection and WAN IP. I then have eth0 and eth1 (although I’m assuming PPP is using one of those as well?) So we make eth1 the external, PPP connected device, and give eth0 a static IP such as 192.168.0.1? For this machine to allow network traffic to the internal network does it *need* a named server going or would it work if the clients had external DNS configurations (like the ISP or opendns.org?) At this point do I need DHCP server going as well? There are reasons why I would want this (initially the reason for this whole spagetti mess), but for initial connection testing is it *required*? Can the clients just configure static networking on the same subnet?

I guess I’m wondering, at the minimal level, what needs to be wired to what & what services are *required* to allow connection from all the machines? The details on configuring DHCP and DNS I can take care of, I just want to make sure everything is wired properly. Any thoughts?

I found a really quick fix today for disabling ipv6 completely on Ubuntu 7.10 (not yet tested on previous versions). This might be of interest to some of you that have had networking problems, as I’ve heard disabling ipv6 at least within the browser has been a help here. This tutorial will disable ipv6 completely on the machine. At this point activating or disabling ipv6 probably wont make much of a difference as very few people actually implement or use ipv6. Unless you know you have a reason to need (or not need) this, you can probably safely leave it where it is.

Disabling ipv6 on Ubuntu 7.10

We’ll simply need to change a line in one of the configuration files that loads the ipv6 module to the kernel. As of yet I have not figured out a way to update this change outside of restarting the machine. If anyone has any suggestions on removing ipv6 “live” I would appreciate it.

Change the line is /etc/modprobe.d/aliases from:

alias net-pf-10 ipv6

to

alias net-pf-10 off

Again, at this point you’ll need to restart your machine for the change to take place. If anyone knows of a way to avoid the reboot I would appreciate it.

Update: Visit Save The Internet and let your voice be heard!

Sunday afternoon I finished setting up a dedicated rtorrent server for seeding Ubuntu .iso images. I do my best to hand out all the CDs I can, but I also figured I could make use of the bandwidth I have to do the same. Once I got on that idea I realized I had access to two Comcast connections (family) where I could drop in two more of these “rtorrent appliances”. So, I got to work setting a second one up and dropped it on the network at my Dad’s house.

Wasn’t I surprised to find that my seeds weren’t taking off. After some quick Google searching I found that Comcast is cutting torrent connections nearly across the board. All across the internet people are complaining about Comcast not letting them seed anymore–and many of these for completely legal material!

I know bittorrent is associated with a lot of pirating. Hell, so was ftp and whatever other protocol you want to drop in here. This doesn’t mean that it is *only* used for pirating. This doesn’t mean that there aren’t legit reasons to use the efficient protocol. Apparently Comcast doesn’t see it this way.

The way I see it this is the first step toward a Tiered Internet, whether or not any such thing is approved in Legislation or by the consumers. Comcast doesn’t care. They are simply cutting off access to part of the Internet, plain and simple.

I would not be surprised at all to soon hear that Comcast will allow bittorrent traffic, for an additional fee. If you *really* want to use that protocol you can pay us more, but otherwise we don’t deem it as part of “normal internet usage”. Once that starts what is to stop the avalanche that will happen next?

“You want access to YouTube? It really uses a lot of bandwidth and we weren’t expecting most people to use more than casual browsing and email. That’ll be $5/mo additional.”

If Comcast is able to start cutting off access to internet protocols they are already to the Tiered Internet that will only become grounds for corruption and extortion. Who will be next?

The telecoms like the idea of a Tiered Internet because they can then extort both sides of the product. Since they are the middle-man they can charge more to the consumers for access to “the whole internet” and charge more to large domains and take pay-outs from big online powerhouses to provide “better or preferred” access to them.

What do I mean by that? We all know Google pwns the internet. We start getting into the Tiered Internet setup and Microsoft gives a big payout to Comcast, requiring them to limit access to Google, while preferring access to Windows Live Search (or whatever the hell its called). They’ll make up some reason why its more efficient for bandwidth or some BS and you’ll have to pay more to get to Google. They would be in the perfect position to rake in huge piles of money from both ends, with nothing to stop them.

The internet needs to stay open. The *whole* internet. Not the convenient internet. Not the bandwidth friendly internet. Not the bribed-into-becoming-the-new internet. The whole internet. All protocols. All sites. All networks.

If Comcast is allowed to continue cutting off even one protocol we’ve already lost. Voice your opinion. Contact your local office. Complain. Make some noise. Switch providers.

Until then I’ll be getting these two Comcast connections switched to a competitor. It may be a slower internet (in my area) on DSL, but at least its the whole internet.

Update: Visit Save The Internet and let your voice be heard!

In a follow up from my previous post here, I want to quickly outline how to openID enable your Wordpress blog.  I know it isn’t Linux / Ubuntu related, but we can stretch and say that your server is running on Linux / Ubuntu so it’s close enough, right?
Register For an OpenID

The first thing you need to do, if you haven’t already, is setup an openID.  You can find a provider (openID provider list), or use the server I used at myOpenID.

Register at one of the providers for free, and you should end up with something similar to:

username.myopenid.com

Install the Plugins

Download the openID Wordpress plugin

Download the openID Delegation plugin

Install both of these to your /wp-content/plugins/ folder, and activate them within your blog Dashboard > Plugins menu.  (details for installing each plugin are on each link above, but this is the general idea.)

Once the plugins are installed and activated you’ll need to enter a few details in the settings for each.  Navigate your way to Options and select the OpenID submenu.  There you’ll need to enter the trusted root of your site, which is generally the full domain, ie; http://ubuntu-tutorials.com.  The other settings on that page are up to you, but you’ll probably want the last three checked at least.

Once you have these settings updated make sure to Save, and then navigate to the OpenID Delegation submenu.  On this tab you’ll need to fill in three fields.  These are pretty simple.  In my case, with an openID address of http://zelut.myopenid.com the three fields are:

http://zelut.myopenid.com

http://zelut.myopenid.com

http://zelut.myopenid.com/xrds

Match those to your openID registered address (if not registered at myopenID.com your address will be different).

At this point your site should be OpenID enabled.  Anyone with an OpenID can then comment or register on your site, without having to actually register on your site.  It’s perfect.  Enjoy.

Big thanks to Aaron over at pthree.org for helping me set up openID for this blog.  If you have an openID account this is now one more site on a growing list that you’ll have easier ID access to. Although it isn’t technically Ubuntu related / specific I do plan on outlining how to setup openID for your blog (Wordpress).

In any event, if you don’t yet have an openID, head on over to MyOpenID and register for free.  Or choose from a long list of providers here.

This tutorial will outline how to connect your Linux machine (probably not distro-specific, but this was tested and created using Ubuntu 7.04) to dial-up networking via a Treo 700p Smart Phone. This method uses USB connection and requires a data plan with your service provider. I use Sprint as they have the cheapest unlimited data plan.

In speed tests over the last few days here I have achieved ~350+kbps up and down speeds. This actually beats some residential DSL speeds that I’ve seen. Not bad. Now for the good stuff…

There are two sections of this tutorial. The first is preparing the phone to share connection to the computer. The second is telling the computer how to connect to the phone. Neither are terribly complicated, just make sure you follow the steps carefully.

Step 1 : Configuring the Treo 700p

From what I understand Sprint changed something since the Treo 650 and now require you to pay extra to share a data connection to your computer. We, of course, don’t want to do that so we’ll use a small piece of third party software to help us share this connection. This application, which you’ll need to install to your Treo 700p is called USB Modem.

I should note that this is not free software and is for-pay software, neither are points that I’m thrilled about but when there aren’t any other tools for the job… (anyone want to reverse engineer some Palm code?)

There is a free trial of that application that will run for 14 days or 30 connections. I’d suggest using the trial to initially set this up and if you find that its something you use go ahead and pay the $24.95 for the full version.

In any event, you’ll want to download the USB Modem application and install the .prc file to your Treo 700p. This tutorial will not outline installing or syncing your PDA. This assumes you already have a method of doing that. Remember to install the application to your phone itself and not a memory card.

After installing the USB Modem application navigate to it on your phone, but do not yet ‘Enable Modem Mode’. We’ll do that in a minute.

Step 2 : Configuring the Linux machine

I should note before I dive into this section that the USB Modem archive also includes instructions for setting up Linux, OS X and Windows. If you have trouble you might want to double check those instructions for more details.

On Ubuntu 7.04 (yet untested on other distributions) you need to manually add a kernel module for the Smart Phone syncing to be properly recognized. You can do this manually (not persistent) by using the command:

sudo modprobe visor

If you would like to make this persistent, which is something I have done, you will want to append a line “visor” to the end of your /etc/modules file. This way the kernel will be watching for a Smart Phone / PDA connection. If you don’t make it persistent you’ll, of course, need to do it manually each time you plan on connecting.

In my situation, using Sprint and an EVDO network, my connection does not require any kind of username and password to connect to the data network. This simplifies the steps a bit, but if your provider needs such information it isn’t too much different. Please refer to the USB Modem instructions for where to add your username and password.

The first step (and simplest way I found to connect) is to copy the connection script from the USB Modem archive to your /etc/ppp/peers/ directory. I used this command (assuming you’ve unzipped the archive to your Desktop):

sudo cp ~/Desktop/drivers/linux/ppp-script-evdo-template /etc/ppp/peers/ppp-script-treo

After you have copied the EVDO template file to the location above you should be ready to make your connection. note: I had to close existing connections (eth0, wlan0, etc) for this to work. Can anyone else verify this?

At this point you’ll want to reach over to your Treo 700p and “Enable Modem Mode”. If you’d like to see that the machine is recognizing your phone you could take a look at /var/log/messages.

Now that the phone is set to “Modem Mode” run the following command on the Linux machine:

sudo pppd /dev/ttyACM0 call ppp-script-treo

This will post some output to the screen and tell you whether or not you’re connecting. If you are assigned a remote and local IP plus primary and secondary DNS you’re most likely connected. You should get your prompt back at this point. Try pinging a location to verify your connection.

ping -c3 google.com

If your ping works you’re set. Enjoy your ppp connection over your phone. Internet wherever you have phone service. w00t! If it didn’t work please leave a comment and we’ll see what we can do for you. (chances are differences in providers, EVDO vs EDGE, etc).

I had heard about OpenDNS a while ago but for some reason never looked much into it. A magazine article tonight reminded me about OpenDNS so I thought I’d take a look. Well, I’m happy that I did so far. I thought I would outline a few steps for you to get OpenDNS setup on your machine.

First, what is OpenDNS?

OpenDNS is a better DNS, free to all. OpenDNS uses its distributed network of DNS servers to speed up your Internet experience, increase reliability, improve security and make DNS smarter for users all over the world.

Basically you can stop using your ISPs DNS, which can often be slower or unreliable, and use this instead. Here is how to set it up on an Ubuntu machine. You can see the Ubuntu setup instructions on the OpenDNS site if you’d like more information.

sudo cp /etc/resolv.conf /etc/resolv.conf.auto

sudo gedit /etc/dhcp3/dhclient.conf

Look for the below line, which will be commented, and match this setting.

# append the following line to the document
prepend domain-name-servers 208.67.222.222,208.67.220.220;

Once your entry matches this you will want to save the file and restart networking using a command such as the one below.

sudo ifdown eth0 && sudo ifup eth0

You can then visit this address to verify that you’re using the new OpenDNS service.

http://welcome.opendns.com

I realize that my earlier post was a bit short. There are those days that I try to put out a tutorial (based on my daily goal) and end up not having a lot of time. I apologize for the short post, but I’ve got the rest of the details.

After you’ve installed Firestarter you’ll need to initially run it and configure it. Since Firestarter is a security application it will need to be run as an administrator. After installation run the following:

ALT-F2: gksudo firestarter

You will be prompted for your admin password and then firestarter will begin the initial Firewall Wizard. As this wizard mentions, if you are unsure about any of the settings it is generally safe to assume the defaults.

Step 1: Welcome to Firestarter

Step 2: Select your network device.

Step 3: Do you need to share this device with another machine?

Step 4: You’re ready to start creating rules.

As you can see from this last screenshot the interface is fairly simple. You can see the current status (Active) which can be turned off using the “Stop Firewall” button to the top.

You may need to turn on / off the firewall as you create rules. In some cases your firewall will block needed traffic. In this case you can troubleshoot things by turning off the firewall while you get used to creating rules.

If there have been any events (firewall notifications) you can see those listed in the events tab. This is where you can see if anyone is trying to access your machine, where they are coming from and what port they are trying to connect to. As you watch this you’ll be able to create custom policies.

To create a policy simply select the policy and create in incoming or outgoing network policy. A simple explanation of these are:

incoming: what do you want to allow in to your machine.

outgoing: where do you want to be able to go out of your machine. outgoing policies can be used to filter traffic or websites (ie; parental filters, blocking microsoft.com, etc)

outgoing policies can be set using whitelisting or blacklisting policies. of course, whitelisting is permissive by default and blacklist is restrictive. Try a few things and test out your firewall. Firestarter is very easy to use. It generally takes a minute or two to know where to create your rules, but after that you can lock down your machine to your comfort.

Update: per the comment left by Chris below it should be noted that whitelisting is more restrictive than blacklisting as it only allows the sites included in the whitelist. Blacklisting specifically denies only the sites listed in the blacklist.

Technorati Tags: firestarter, firewall, gnome, ubuntu, usage

Next Page →

Subscribe to the RSS feed!





Get Ubuntu!





• Blogroll

  • Affordable Ubuntu Desktop
  • Linux Training
  • Ubuntu Community Documentation
  • Ubuntu Community Support
  • Ubuntu Geek

Ads by Google