Configuring an iwi wireless interface on FreeBSD 7.0

I had a few bumps trying to configure the iwi(4) wireless interface on my laptop. What I wanted to do was to let my iwi wireless interface get an IP address through DHCP. The documentation for this configuration is quite scarce as of this writing. So, I'm posting this, and perhaps somebody with the same hardware who stumbles upon this post will find some useful hints.

I'm assuming that you've got your interface running with all the necessary kernel modules, boot loader variables and what-not.

Givens:


SSID (nowires)
WEPKEY - hex (0x042Z923954)


Edit /etc/rc.conf and add the following:


ifconfig_iwi0="ssid nowires wepmode mixed weptxkey 1 wepkey 1:0x042Z923954 DHCP"


It took me a while to figure out that wepmode, weptxkey and the wepkey index are necessary - at least in the wireless network setup that I was using. Read ifconfig(8) for more information about wireless interface options for WEP.

Well, that's just about it... network connection without any wires.

small updates on my OpenBSD 4.4 configuration

First, I googled on how to start daemons that are not part of the standard install. Surprisingly, it's not that hard. You only need to edit `/etc/rc.local'.

In my case, I wanted to run dnsmasq on boot, so I added the following in `/etc/rc.local'


if [ -x /usr/local/sbin/dnsmasq ]; then
        echo -n ' dnsmasq'; /usr/local/sbin/dnsmasq
fi


Second, I noticed that `/etc/dhcpd.interfaces' no longer existed in OpenBSD 4.4 (this used to contain the interfaces you want your dhcp server to listen to). So, instead of using that file, I added the interface name as a flag in `dhcpd_flags`.

My `/etc/rc.conf.local' now contains this entry


dhcpd_flags="rum0"

Well this is it for now... these are just small details but I just want to note them down.

My home network config (for now)

I configured one of my old desktops as a home router with OpenBSD 4.4 installed. It still needs more polishing but roughly this is what I have,

1) Wired LAN with static IP addresses connected to my router-desktop's rl0 interface thru a switch with a 10.10.10.0/24 network address.

2) Wireless LAN interface with DHCP'd addresses coughed up by a USB rum0 interface with a 172.168.255.0/24 network address

3) Gateway interface (vr0) connected to my ADSL router, acquires IP thru DHCP. The ADSL router's IP address is 192.168.1.1 sitting on a 192.168.1.0/24 network.

What I wanted to do with my setup was to simply allow all my LAN (wired/wireless) devices to say "hello world" to the internet using my ADSL router. To do this, I needed a way to do NAT (pf is an obvious choice for doing this) and also, I needed a way for my LAN to send and receive DNS packets. For the DNS thingie, I opted to use dnsmasq because I think it is the easiest to configure.

here's my pf.conf


LAN_IF="rl0"
WLAN_IF="rum0"
EXT_IF="vr0"

TRANS_PROTO="{tcp, udp, icmp}"

# <lan_nets> is a placeholder: the original table name did not survive on this page
table <lan_nets> const {10.10.10.0/24, 172.168.255.0/24}

scrub in all

no nat on $EXT_IF proto $TRANS_PROTO from <lan_nets> to <lan_nets>
nat on $EXT_IF proto $TRANS_PROTO from <lan_nets> to any -> ($EXT_IF)

block log all

pass quick log on lo0

pass out quick log on $LAN_IF inet proto udp from ($LAN_IF) port 53 to any \
    port 53 keep state
pass out quick log on $WLAN_IF inet proto udp from ($WLAN_IF) port 53 to any \
    port 53 keep state

pass in quick log on $LAN_IF inet proto $TRANS_PROTO from <lan_nets> to any
pass out quick log on $LAN_IF inet proto $TRANS_PROTO from any to <lan_nets> keep state

pass in quick log on $WLAN_IF inet proto $TRANS_PROTO from <lan_nets> to any
pass out quick log on $WLAN_IF inet proto $TRANS_PROTO from any to <lan_nets> keep state
pass out quick log on $EXT_IF inet proto $TRANS_PROTO all keep state


And, here's my dnsmasq.conf (actually, it contains more than that but they were commented out, I'm just showing the parts that I uncommented for brevity's sake)



interface=rl0
interface=rum0
except-interface=vr0
no-dhcp-interface=rl0
no-dhcp-interface=rum0


So basically that's it. With this setup, I can connect to the Internet from inside my LANs. Although, I still run dnsmasq manually. I still haven't figured out how to run it on bootup.

If by some freak of nature somebody other than myself happens to read this post - I'm referring to YOU, obviously - and finds something wrong with the setup, most especially the pf configuration, please, by all means, feel free to comment on it. Because at this moment, I'm having my beer and I'm too tired to check my configurations again.

Making OpenBSD 4.4 detect a D-Link DWA-110 USB Wireless adapter

I previously posted something about how to make OpenBSD 4.3 detect a DWA-110 USB wireless adapter. Well, I upgraded my box to 4.4 but the code did not make it to that release. So, I had to do the same modifications for the rum driver code.

I guess I'll just have to wait for future releases to have a working/clean driver out of the box.

running Apache2 with SSL on Opensuse 11.0

Gone are the days when we only have to edit a simple httpd.conf for Apache to run and do our bidding. I spent an ample amount of time trying to figure out how to make Apache2 on OpenSuse 11.0 run with SSL. So, I'm writing these down for all my fellow idiots in hopes that whoever is responsible for this travesty would somehow realize that enabling SSL should be simple enough for mere idiots like myself and thousands more out there.

So here goes...

First up, make sure you tell Apache2 that you want SSL. So, add `SSL' to the global configuration variable `APACHE_SERVER_FLAGS' found in `/etc/sysconfig/apache2'.

Second, edit `/etc/apache2/listen.conf' and add the IP-port combination of where you want apache2 to listen. In my configuration, I added the following :



Listen 10.10.10.3:80
Listen 10.10.10.4:443



Third, make virtual host settings in `/etc/apache2/vhosts.d' (Just copy the templates and go from there, you might want to do other funky things with your virtual hosts). To be more explicit about what I meant about copy, here's what I did on the prompt:



# cp /etc/apache2/vhosts.d/vhost.template /etc/apache2/vhosts.d/vhost.conf
# cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf



In my case, the only important thing I wanted to set up on my vhost configs was my DocumentRoot. So, I placed /srv/www/htdocs for non-SSL requests (vhost.conf) and /srv/www-ssl for SSL requests (vhost-ssl.conf).


Fourth, comment out the `Include /etc/apache2/sysconfig.d/include.conf' in `httpd.conf'. It causes Apache2 to not run for reasons that I do not want to know of.

Fifth and the most important, all configurations that are wrapped in the following tags should be commented out:



<IfDefine SSL>
<Ifdefine !NOSSL>
<IfModule mod_ssl.c>



As far as I can remember, these exist in `listen.conf', `ssl-global.conf' and `vhosts.d/vhost-ssl.conf'.

So, here's my sort-of-rant about the whole SSL thing (this is highly influenced by the frustration brought about by the comment-out-IfDefines part): First, enabling SSL should be easy (very minimal changes in the configuration). As a matter of fact, it would be so much better if it were already enabled by default.

Second, for some freak of nature the IfDefines did not work. It caused me to go around in circles trying to find out why apache would not listen to port 443 even if `SSL' was already set in `APACHE_SERVER_FLAGS'. I decided to remove all IfDefines/IfModules around all SSL related configurations and everything worked smoothly like a well lubricated orifice. I'm guessing this problem is OpenSuse specific -OR- it could also be user specific, meaning, I missed something... somewhere... over the friggin' rainbow.

Anyway, if ever I get the time, I'll try to research more on this issue and if it IS a bug, I'll probably bring this up on OpenSuse's mailing list.
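
The gating described in the fifth step can be checked without commenting anything out. This is an added example, not code from the original post or from openSUSE: it reports which `Listen` lines survive their `<IfDefine>`/`<IfModule>` wrappers for a given set of defines and loaded modules, and names the first wrapper that fails. The sample config is constructed, and treating each bare word of `APACHE_SERVER_FLAGS` as a `-D` define is an assumption about the start script.

```python
import re

# Constructed sample using the wrappers named in the post; not the distro's file.
SAMPLE_LISTEN_CONF = """\
Listen 10.10.10.3:80
<IfDefine SSL>
    <IfDefine !NOSSL>
        <IfModule mod_ssl.c>
            Listen 10.10.10.4:443
        </IfModule>
    </IfDefine>
</IfDefine>
"""

OPEN = re.compile(r"<(IfDefine|IfModule)\s+(!?)([^>\s]+)\s*>", re.I)
CLOSE = re.compile(r"</(IfDefine|IfModule)\s*>", re.I)


def defines_from_sysconfig(text):
    """Assumption: each bare word in APACHE_SERVER_FLAGS acts like `-D word`."""
    m = re.search(r'^APACHE_SERVER_FLAGS="([^"]*)"', text, re.M)
    return set(m.group(1).split()) if m else set()


def active_listens(conf, defines, modules):
    """Return (active, skipped); each skipped item names the first failed gate."""
    stack = []                      # (wrapper text, condition satisfied?)
    active, skipped = [], []
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = OPEN.fullmatch(line)
        if opened:
            kind, negated, name = opened.groups()
            known = defines if kind.lower() == "ifdefine" else modules
            stack.append((line, (name in known) != bool(negated)))
        elif CLOSE.fullmatch(line):
            stack.pop()             # IndexError here means unbalanced wrappers
        elif line.lower().startswith("listen "):
            value = line.split(None, 1)[1]
            failed = [gate for gate, ok in stack if not ok]
            if failed:
                skipped.append((value, failed[0]))
            else:
                active.append(value)
    return active, skipped


if __name__ == "__main__":
    flags = defines_from_sysconfig('APACHE_SERVER_FLAGS="SSL"\n')
    for mods in ({"mod_ssl.c"}, set()):
        print(sorted(mods), active_listens(SAMPLE_LISTEN_CONF, flags, mods))
```

If port 443 shows up as skipped, the named wrapper tells you whether the define or the module is the missing piece.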

Configuring rum(4) Interface for DHCP on OpenBSD 4.3

A couple of posts back, I wrote about making my D-Link USB wireless adapter (DWA-110) work with OpenBSD 4.3. This time, I'll post how I made it work as an AP and "un-securely" assign IP addresses to any host.

First, I created a file `/etc/hostname.rum0' and put the necessary information needed for the interface to work as an AP. In my case, I placed this line (this is very self-explanatory, no need to explain each part):



inet 172.168.255.1 255.255.255.0 172.168.255.255 media autoselect mode 11g mediaopt hostap nwid jakosalem chan 11



Second, I wanted DHCP to listen to the rum(4) interface and spew out IP addresses for requesting hosts. I did this by adding the interface name `rum0' to the `/etc/dhcpd.interfaces' file and then, I edited `/etc/dhcpd.conf' and placed the following lines:



default-lease-time 3600;
max-lease-time 86400;

subnet 172.168.255.0 netmask 255.255.255.0 {
option routers 172.168.255.1;
option broadcast-address 172.168.255.255;
range 172.168.255.100 172.168.255.254;
}



Lastly, to make DHCP run every time I boot, I added the line `dhcpd_flags=""` to `/etc/rc.conf.local'.

And that's about it - DHCP for wireless clients at home. Wohoooo!

NOTE: This configuration lacks security measures - OBVIOUSLY - to the point where any security pundit would most likely choose to slash his/her wrists rather than think about the sheer absurdity of this configuration. I'll post a more secure configuration when I'm bored enough and have nothing else to do.
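
A check on the address plan used in the dhcpd.conf above and in the pf.conf of the home-network post, added here as an example and not part of the original posts: it collects every IPv4 network named in a pf `table` line or a dhcpd `subnet` line and reports which RFC 1918 block, if any, contains it. A LAN numbered outside those blocks makes the real Internet hosts in that prefix unreachable from the LAN. The sample input is constructed, and the table name `lan_nets` and the function names are hypothetical.

```python
import ipaddress
import re

# RFC 1918 private-use blocks; 172.16.0.0/12 ends at 172.31.255.255.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed input in the style of the pf.conf and dhcpd.conf posts.
# The table name <lan_nets> is a placeholder.
SAMPLE_CONFIG = """\
table <lan_nets> const {10.10.10.0/24, 172.168.255.0/24}
subnet 172.168.255.0 netmask 255.255.255.0 {
    option routers 172.168.255.1;
}
"""

PF_TABLE = re.compile(r"^\s*table\s+<[^>]+>[^{]*\{([^}]*)\}", re.M)
DHCPD_SUBNET = re.compile(r"^\s*subnet\s+(\S+)\s+netmask\s+(\S+)", re.M)


def configured_networks(text):
    """Collect every IPv4 network named in pf tables and dhcpd subnets."""
    nets = set()
    for body in PF_TABLE.findall(text):
        for token in re.split(r"[,\s]+", body.strip()):
            if token:
                nets.add(ipaddress.ip_network(token))
    for addr, mask in DHCPD_SUBNET.findall(text):
        nets.add(ipaddress.ip_network(f"{addr}/{mask}"))
    return sorted(nets)


def audit(text):
    """Map each network to the RFC 1918 block containing it, or None."""
    result = {}
    for net in configured_networks(text):
        block = next((b for b in RFC1918 if net.subnet_of(b)), None)
        result[str(net)] = str(block) if block else None
    return result


if __name__ == "__main__":
    for net, block in audit(SAMPLE_CONFIG).items():
        verdict = f"inside {block}" if block else "outside RFC 1918"
        print(f"{net:20} {verdict}")
```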

mounting FreeBSD partition(UFS) in Ubuntu

`$ sudo mount -r -t ufs -o ufstype=ufs2 /dev/<partition> <mount point>'

I'm running Ubuntu with Linux kernel version 2.6.24-16 with a FreeBSD 7.0 installed on another partition. The reason why I'm writing this down is that the man pages for the `mount' command on Ubuntu do not show a specific/correct way to mount a UFS partition for new(er) FreeBSDs.

Making OpenBSD 4.3 detect a D-Link DWA-110 USB Wireless adapter

I bought a D-Link USB Wireless adapter, more specifically, a DWA-110. I wanted to use the device on my very old desktop with OpenBSD 4.3 installed (I'm currently using that box as a "mini" router at home). Before I bought the device, I browsed through OpenBSD's list of supported wireless devices. And, sure enough, DWA-100 has a Ralink chipset that is supported by the rum driver. Now, being the idiot that I usually am, I forgot to check the branch (the driver code is still on -current) and bought the device. By now you probably know what happened next...

Out of sheer desperation, I tried following the commits made to -current that enabled the driver support for this device. Luckily, I got it working - well I haven't really used it much so there could still be quirks along the way.

Below is a simple diff of the modifications that I applied (I would have given a link to the diff file but unfortunately I don't have any place to upload files... you'll just have to make do with this ugly white on black html version of the diff file):



diff -ruN src.orig/sys/dev/usb/if_rum.c src/sys/dev/usb/if_rum.c
--- src.orig/sys/dev/usb/if_rum.c 2008-03-05 03:42:04.000000000 +0800
+++ src/sys/dev/usb/if_rum.c 2008-09-17 03:59:44.000000000 +0800
@@ -97,6 +97,7 @@
{ USB_VENDOR_COREGA, USB_PRODUCT_COREGA_CGWLUSB2GL },
{ USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_CWD854F },
{ USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_RT2573 },
+ { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA110 },
{ USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWLG122C1 },
{ USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_WUA1340 },
{ USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB01GS },
diff -ruN src.orig/sys/dev/usb/usbdevs src/sys/dev/usb/usbdevs
--- src.orig/sys/dev/usb/usbdevs 2008-03-05 03:42:04.000000000 +0800
+++ src/sys/dev/usb/usbdevs 2008-09-17 03:59:29.000000000 +0800
@@ -1083,6 +1083,7 @@
product DLINK2 DWLG122C1 0x3c03 DWL-G122 rev C1
product DLINK2 WUA1340 0x3c04 WUA-1340
product DLINK DUBE100B1 0x3c05 DUB-E100 rev B1
+product DLINK2 DWA110 0x3c07 DWA-110
product DLINK2 RT2870 0x3c09 RT2870
product DLINK DSB650C 0x4000 10Mbps ethernet
product DLINK DSB650TX1 0x4001 10/100 ethernet
diff -ruN src.orig/sys/dev/usb/usbdevs_data.h src/sys/dev/usb/usbdevs_data.h
--- src.orig/sys/dev/usb/usbdevs_data.h 2008-03-05 03:42:05.000000000 +0800
+++ src/sys/dev/usb/usbdevs_data.h 2008-09-17 04:00:20.000000000 +0800
@@ -1465,6 +1465,10 @@
"DUB-E100 rev B1",
},
{
+ USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA110,
+ "DWA110",
+ },
+ {
USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT2870,
"RT2870",
},
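Review bot: The description string in the added entry, "DWA110", does not match the description on the new `product DLINK2 DWA110` line in the usbdevs hunk of this same patch, which reads DWA-110, while the neighbouring entry here carries its usbdevs text verbatim ("DUB-E100 rev B1"). Use "DWA-110" here as well; if this table is generated from usbdevs in the tree, regenerate it instead of editing it by hand so the two cannot drift.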
diff -ruN src.orig/sys/dev/usb/usbdevs.h src/sys/dev/usb/usbdevs.h
--- src.orig/sys/dev/usb/usbdevs.h 2008-03-05 03:42:04.000000000 +0800
+++ src/sys/dev/usb/usbdevs.h 2008-09-17 03:59:59.000000000 +0800
@@ -1090,6 +1090,7 @@
#define USB_PRODUCT_DLINK2_DWLG122C1 0x3c03 /* DWL-G122 rev C1 */
#define USB_PRODUCT_DLINK2_WUA1340 0x3c04 /* WUA-1340 */
#define USB_PRODUCT_DLINK_DUBE100B1 0x3c05 /* DUB-E100 rev B1 */
+#define USB_PRODUCT_DLINK2_DWA110 0x3c07 /* DWA110 */
#define USB_PRODUCT_DLINK2_RT2870 0x3c09 /* RT2870 */
#define USB_PRODUCT_DLINK_DSB650C 0x4000 /* 10Mbps ethernet */
#define USB_PRODUCT_DLINK_DSB650TX1 0x4001 /* 10/100 ethernet */
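Review bot: The comment on the new define reads /* DWA110 */, but the surrounding defines repeat their usbdevs description exactly (/* WUA-1340 */, /* DUB-E100 rev B1 */) and the usbdevs line added by this patch says DWA-110. Change the comment to /* DWA-110 */ so that this header and usbdevs agree on one name for the device.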

allow chatzilla to accept self-signed or invalid certificates

I have Firefox 3 running a Chatzilla 0.9.83 add-on. I wanted to use Chatzilla to connect to our company's public IRC server. The problem I had was this: the IRC server's SSL certificate was self-signed, therefore considered as invalid. And, due to Firefox3's weird sense of humor, Chatzilla is unable to connect to the server. But there's a work-around.

First, create an alias,

/alias certif eval getService("@mozilla.org/embedcomp/window-watcher\;1","nsIWindowWatcher").openWindow(null,"chrome://pippki/content/certManager.xul","mozilla:certmanager", "", null)

then, run it
/certif


This will open Mozilla's certmanager module. From there, you just click on the Servers tab and add the site's url - the one with an invalid cert. And that's it.

Note: this tip was given by Glenjamin on #chatzilla @ moznet.

nimbus theme on Ubuntu 8.04

These are the steps I used to install the nimbus theme on Ubuntu 8.04. I took the initial steps from here. In my setup, I had to install additional packages.


sudo apt-get install fakeroot dpkg-dev devscripts debhelper libgtk2.0-dev icon-naming-utils intltool
wget -c http://dlc.sun.com/osol/jds/downloads/extras/nimbus-0.0.8.tar.bz2
wget -c http://zap.tartarus.org/~ds/debian/dists/sid/main/source/nimbus_0.0.6-1.diff.gz
tar xf nimbus-0.0.8.tar.bz2
cd nimbus-0.0.8
zcat ../nimbus_0.0.6-1.diff.gz | patch -p1
chmod +x debian/rules
debchange -v 0.0.8-1
sudo apt-get build-dep
fakeroot dpkg-buildpackage -us -uc



vim's tohtml plugin

I have been using vim for a while now. But, it was only recently - yesterday to be exact - that I found out about the tohtml plugin for vim. It's a very nifty tool that allows you to convert a piece of source code file into an html file, displayed exactly as you see it on vim, as long as you have syntax highlighting on. What's more, you don't even have to install this plugin because it's already included on the default install.

Screenshot(hello world program on vim)


Screenshot (html'ed version of the source)



Obviously, this plugin is very useful for documentation and blogging and what not. The only thing that irks me the most is that I've just found out about this plugin and it's been around for quite some time now.

FreeBSD 7.0 on HP500 notebook

I wrote about installing FreeBSD 6.2 on my notebook a couple of months back. And since the new and shiny FreeBSD 7.0 came out last week, I said goodbye to my not-so-old 6.2 installation and replaced it with 7.0.

I no longer have to disable ACPI during boot with the 7.0 install - so far this is the only improvement as far as hardware related issues are concerned. I have to install the 915resolution port to maximize the resolution - AND - I have a bad feeling that my wireless card isn't going to work. I read iwi and my wireless card is now working.

green machines

I'm planning to purchase a desktop PC sometime this year. Fortunately, I came across this Ars Technica article on DIY PCs with low power consumption. Honestly, I'm quite convinced. The coolest thing about the so-called "green PCs" is that they're quite affordable and in the long run, with their low power consumption attributes, you get to spend less on electric bills. So, I guess I'll be "greening-up" my soon-to-be PC this year.

Updates on Tomcat installation

On my previous post, I enumerated the steps I made to get Tomcat up and running. It was quite cumbersome, to say the least.

Anyway, I installed the latest Kubuntu (based on Ubuntu 7.10) and I found out that the Tomcat install had been fixed. All I did was to apt-get the necessary packages and everything worked like a charm - no more extra configuration tweaks and what not.

Suh-weeeeeet.

How-I: Got Tomcat to run on Ubuntu 7.04 (Quick and Dirty)

Tomcat requires Java to be installed first. But I'm not gonna talk about that here (clearly out of the topic).

I installed tomcat5.5

$ sudo apt-get install tomcat5.5
$ sudo apt-get install tomcat5.5-webapps
$ sudo apt-get install tomcat5.5-admin


I got errors when I installed tomcat5.5-webapps and tomcat5.5-admin

...
Setting up tomcat5.5-webapps (5.5.20-4ubuntu1) ...
invoke-rc.d: initscript tomcat5.5, action "status" failed.
...
...
Setting up tomcat5.5-admin (5.5.20-4ubuntu1) ...
invoke-rc.d: initscript tomcat5.5, action "status" failed.
...


I found a fix taken from this site

$ cd /var/lib/tomcat5.5
$ sudo chown -R tomcat55 logs work
$ sudo chown tomcat55 /usr/share/tomcat5.5


Most HOW-TOs suggest you can start tomcat like the one below, but that didn't work in my set-up (no verbose errors popped-up but I couldn't access http://localhost:8180)

$ sudo /etc/init.d/tomcat5.5


So, I searched for other alternatives. Fortunately, I stumbled upon this site which fixed everything.

$ cd /usr/share/tomcat5.5/logs
$ sudo mv catalina.out catalina.out.orig
$ sudo touch catalina.out
$ sudo chown tomcat55:nogroup catalina.out


Then, as opposed to running Tomcat using the script in /etc/rc.d/tomcat5.5, I used startup.sh found in Tomcat's install directory

$ export JAVA_HOME=/usr/lib/j2sdk1.4-sun
$ sudo /usr/share/tomcat5.5/bin/startup.sh


This time I can access http://localhost:8180. Hooray! I've just added more confusion to the already clobbered up Ubuntu documentation.