
technology


2
Oct 08

Configure Multiple SSIDs with One Router

A standard “home setup” for a wireless router nowadays consists of hosting just one Service Set IDentifier, or SSID. A year ago that could have seemed like a router (firmware) limitation, but now using multiple SSIDs with a single wireless router is just a matter of reconfiguration.

Below is a simple guide on how to configure a single affordable (from $25 and up) router, that is available to anybody, to host multiple (up to 16 – at the moment of writing) SSIDs using DD-WRT firmware. In order to install the firmware on the router, follow the official DD-WRT Installation Guide.

The step-by-step howto below works for any router on the DD-WRT supported hardware list, which includes pretty much any “home” router out there. Given that DD-WRT is installed, let’s move on to configuring it to host multiple SSIDs.

First let’s look at what we would like to achieve as our “end goal”:

Multiple SSIDs by several wireless VLANs served by one router

So what we would like to have is:

  • One router with DD-WRT firmware installed, that hosts 2 (in this example) SSIDs: “Home” and “Guest”

  • Two VLANs where one network (VLAN1) can “see” another (VLAN2), but not the other way around.
    What that means is that all “Home” clients (computers that are connected to the “Home” SSID) can see (ping/connect to/etc.) “Guest” computers, however none of the “Guest” clients can see “Home” computers. (This is a matter of configuration, and can be configured differently, depending on what you need.)

Step 1. Setup DHCP server for the “Home” (main) network.

As you can see from the “end goal” diagram above, the “Home” SSID (or VLAN1) has a 10.2.1.0 subnet, and its DHCP client addresses start from 10.2.1.100. Hence that is what needs to be configured on DD-WRT’s “Setup -> Basic Setup” screen (the “Router Local IP” should be set to 10.2.1.1 which would dictate the subnet to be 10.2.1.0):

DD-WRT - DHCP settings

Note that “10.2.1.0” is just an example – you would want to use something that is appropriate for your network – e.g. “192.168.1.0”

Step 2. Setup wireless networks (SSIDs).

Now we need to create two wireless networks – one main network (e.g. “Home”), and one virtual network (e.g. “Guest”). For that go to DD-WRT “Wireless -> Basic Settings” screen:

configure wireless networks with dd-wrt

Enter a desired name for “Physical Interface’s -> Wireless Network Name(SSID)” (this is going to be the main network). You can also stick to the “end goal” diagram above, and enter “Home”.

After that is done, click “Add” to add a “Virtual Interface” and enter its SSID name as well (e.g. you can enter “Guest”). Make sure that the “Network Configuration” is set to “Bridged” as shown on the screen in this step.

Step 3. Configure wireless network security.

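In the previous step we configured two wireless networks, now let’s secure them. We will use the 128-bit WEP algorithm for both of them, for the reason described in “Step 5”. WEP is cryptographically broken and its key can be recovered from captured traffic, so treat it as a stopgap for the firmware bug and move to WPA once the firmware allows it (see the update in “Step 5”). To configure it, go to the DD-WRT “Wireless -> Wireless Security” screen: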

configure wireless security with dd-wrt

Choose “WEP” for “Security Mode”, 128 bits for “Encryption”, enter “Passphrase” and click “Generate” button.

Do it for both networks (Physical and Virtual Interfaces)

Step 4. Setup a virtual interface, and its DHCP settings.

Now we will set the bridge for the virtual network – “Guest” (or VLAN2) from the “end goal” diagram above. For that go to DD-WRT “Services -> Services” screen:

Configuring DNSMasq and DHCP for virtual network

Find “DNSMasq” section, enable “DNSMasq”, and in “Additional DNSMasq Options” enter:

interface=br1
dhcp-range=br1,192.168.2.100,192.168.2.149,255.255.255.0,1440m

This would create a DHCP server for the virtual (“Guest”, VLAN2) network.
“192.168.2.100” is again – just an example, you can use any subnet that suits your needs.

Step 5. Setup firewall rules and a startup script.

This is the most complex step: it confuses many network administrators and makes regular people give up on DD-WRT multiple SSID configuration. But don’t worry :) – below is a working “copy/paste” deal.

Go to the DD-WRT “Administration -> Commands” screen:

Setting up firewall rules and a startup script for multiple SSIDs - DD-WRT

Enter the following firewall rules to the “Firewall” section:

##BRI1
iptables -I INPUT -i br1 -m state --state NEW -j logaccept
iptables -I FORWARD -i br1 -o vlan1 -m state --state NEW -j ACCEPT
 
#below keeps the two networks from talking
iptables -I FORWARD -i br0 -o br1 -j logdrop

Enter the following commands to the “Startup” (it is a startup script that executes when the router starts up):

##MOVES VIRTUAL WIRELESS TO OWN BRIDGE
brctl addbr br1
brctl delif br0 wl0.1
brctl addif br1 wl0.1
ifconfig br1 192.168.2.1 netmask 255.255.255.0
ifconfig vlan2 up
brctl addif br1 vlan2
ifconfig br1 up
 
##FIX NAS. Here NAS is disabled, cause it is NOT used for WEP, and these wifi networks will use WEP (for now)
killall nas
nas -P /tmp/nas.wl0lan.pid -H 34954 -l br0 -i eth1
nas -P /tmp/nas.wl0.1lan.pid -H 34954 -l br1 -i wl0.1

Here is where it gets interesting… Remember in “Step 3”, when configuring wireless security, we chose WEP? That was done because the current DD-WRT firmware “v24-sp1 (07/27/08) micro”, that is used at the moment of writing, has a bug in starting NAS, which is a proprietary binary tool that sets up dynamic encryption (WEP/WPA) on wireless devices.

UPDATE (12/22/2008):
           Tried "v24-sp2" (09/26/08 std - build 10431M VINT Eko) for WRTG54GL v1.1 router -
           WPA worked with multiple (tried 2) SSIDs.

In the startup script above, we start NAS in “vanilla” mode for “eth1” (the main network) and for “wl0.1” (guest, virtual network), and therefore we are using WEP for both networks.

The only line from the startup script above that you might want to change is:

ifconfig br1 192.168.2.1 netmask 255.255.255.0

Here “192.168.2.1” is, again, an example, so if you chose a different subnet for the virtual network (br1), you should enter it instead.

DONE!
Now you can save all the changes and restart the router. You should be good to go!
If you have any questions or comments, you are welcome to address them below in the “comments” section.
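
The following check is an added example, not part of the original post or of DD-WRT. It walks a FORWARD chain listing the way iptables does (first match wins) and reports what happens to a new connection in each direction between the “Home” bridge (br0) and the “Guest” bridge (br1). The listing is constructed in `iptables -S` format: its first two rules are the Step 5 rules, while the DROP policy and the last two rules are assumptions standing in for the firmware defaults, and forward_verdict is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample in `iptables -S FORWARD` format. The first two -A lines are
# the Step 5 rules in the order -I leaves them (last inserted comes first); the
# DROP policy and the last two rules are assumed firmware defaults.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -i br0 -o br1 -j logdrop
-A FORWARD -i br1 -o vlan1 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o br0 -j ACCEPT'

# forward_verdict IN_IF OUT_IF [RULES]   (hypothetical helper)
# Prints the target of the first rule matching a NEW packet that enters on
# IN_IF and leaves on OUT_IF, or "policy:<target>" when no rule matches.
forward_verdict() {
    in_if=$1; out_if=$2; rules=${3:-$SAMPLE_RULES}; policy=ACCEPT
    while read -r flag chain rest; do
        [ "$chain" = FORWARD ] || continue
        [ "$flag" = -P ] && { policy=$rest; continue; }
        [ "$flag" = -A ] || continue
        r_in=; r_out=; r_state=; r_target=
        set -f; set -- $rest; set +f      # split the rule into words, no globbing
        while [ $# -ge 2 ]; do
            case $1 in
                -i)      r_in=$2 ;;
                -o)      r_out=$2 ;;
                --state) r_state=$2 ;;
                -j)      r_target=$2 ;;
            esac
            shift
        done
        [ -z "$r_in" ]  || [ "$r_in" = "$in_if" ]   || continue
        [ -z "$r_out" ] || [ "$r_out" = "$out_if" ] || continue
        # A rule without --state matches any packet; otherwise NEW must be listed.
        case ",$r_state," in ,,|*,NEW,*) ;; *) continue ;; esac
        [ -n "$r_target" ] || continue
        echo "$r_target"; return 0
    done <<EOF
$rules
EOF
    echo "policy:$policy"
}

for pair in "br0 br1" "br1 br0" "br1 vlan1"; do
    set -- $pair
    echo "$1 -> $2: $(forward_verdict "$1" "$2")"
done
```

For the sample listing the explicit logdrop rule covers br0 to br1, and br1 to br0 is stopped only by the assumed DROP policy, so the verdict for that direction on a real router depends on the firmware's own rules.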


15
Sep 08

Reset Lost Password in Sun Application Server

It happens to the best of us, less with system admins, more with developers. But we are all human, and believe it or not we DO forget and lose passwords every so often. Some time ago I wrote a tutorial on how to reset a lost root password in MySQL, and here is a similar tutorial on how to reset a lost domain password, this time for Sun Application Server.

Before going any further with this article, please first check “.asadminprefs” file:

cat /home/toly/.asadminprefs
 
AS_ADMIN_USER=admin
AS_ADMIN_PASSWORD=YourSecretPasswordInTextHere!

The admin password could be there.

If it is not there, there are two ways to reset it:

  • Reinstall or recreate the affected domain.
  • Create a new dummy domain and copy its security key file over to the real domain to substitute the password.

Below is an explanation for the second approach (in case when “reinstall or recreate affected domain” is not an option):

Given:

 >   Sun App server is installed in                 "/opt/SUNWappserver"
 >   Domain to which the password is lost:   "domain1"

Step 1. Creating a new dummy domain

/opt/SUNWappserver/bin/asadmin create-domain --adminport 7070 --adminuser admin --instanceport 7071 dummy-domain
 
Please enter the admin password>password
Please enter the admin password again>password
Please enter the master password>password
Please enter the master password again>password
 
Domain dummy-domain created.

Step 2. Copy dummy-domain’s “admin-keyfile” to domain1’s “admin-keyfile”

cp /opt/SUNWappserver/domains/dummy-domain/config/admin-keyfile  /opt/SUNWappserver/domains/domain1/config/admin-keyfile

now the password for domain1 is “password” – DONE :)

Step 3. Deleting the dummy domain

/opt/SUNWappserver/bin/asadmin delete-domain dummy-domain
Domain dummy-domain deleted.

NOTES:

The above is true for Sun’s Application Server 8.x and later.

For Sun’s Application Server 9.x check out “change-admin-password”.
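
The check below is an added example, not part of the original post or of Sun's tooling. It looks at what this procedure leaves on disk: an “.asadminprefs” file that holds AS_ADMIN_PASSWORD in clear text, an “.asadminprefs” or “admin-keyfile” that group or other users can read, and a “dummy-domain” that was never deleted. The function names and finding labels are hypothetical, and the demo tree is constructed.

```shell
#!/bin/sh
# is_exposed FILE: true when FILE is readable by group or by other.
is_exposed() {
    [ -n "$(find "$1" \( -perm -040 -o -perm -004 \) -print)" ]
}

# audit_as_secrets HOME_DIR AS_ROOT   (hypothetical helper)
# Prints one finding per line:
#   PLAINTEXT <file>  .asadminprefs holds AS_ADMIN_PASSWORD in clear text
#   EXPOSED <file>    .asadminprefs or an admin-keyfile is group/other readable
#   LEFTOVER <dir>    the throw-away dummy-domain from Step 1 still exists
audit_as_secrets() {
    home_dir=$1; as_root=$2
    prefs=$home_dir/.asadminprefs
    if [ -f "$prefs" ]; then
        if grep -q '^AS_ADMIN_PASSWORD=' "$prefs"; then echo "PLAINTEXT $prefs"; fi
        if is_exposed "$prefs"; then echo "EXPOSED $prefs"; fi
    fi
    for keyfile in "$as_root"/domains/*/config/admin-keyfile; do
        [ -f "$keyfile" ] || continue
        if is_exposed "$keyfile"; then echo "EXPOSED $keyfile"; fi
    done
    if [ -d "$as_root/domains/dummy-domain" ]; then
        echo "LEFTOVER $as_root/domains/dummy-domain"
    fi
    return 0
}

# Constructed demo tree (no real credentials): a world-readable prefs file,
# a 0600 keyfile for domain1 and a dummy-domain that was never deleted.
demo=$(mktemp -d)
mkdir -p "$demo/home" "$demo/as/domains/domain1/config" "$demo/as/domains/dummy-domain"
printf 'AS_ADMIN_USER=admin\nAS_ADMIN_PASSWORD=constructed-value\n' > "$demo/home/.asadminprefs"
chmod 644 "$demo/home/.asadminprefs"
: > "$demo/as/domains/domain1/config/admin-keyfile"
chmod 600 "$demo/as/domains/domain1/config/admin-keyfile"
audit_as_secrets "$demo/home" "$demo/as"
rm -rf "$demo"
```

On a real host, call it with the account's home directory and the install root, e.g. audit_as_secrets /home/toly /opt/SUNWappserver.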


11
Sep 08

Install Sun Application Server on Ubuntu

Sun Microsystems

On client sites, when working on Java (or should I say JEE) projects, the application servers most of the time “rotate” between these four: JBoss, Websphere, Weblogic, and sometimes Geronimo. However there are some clients who have pretty tight contracts with Sun, and in these cases the Sun Application Server is used.

I think nowadays in the development world in general, well except maybe the .NET part of it, Ubuntu and/or Mac OS are slowly becoming the OSs of choice for developers. Sun app server however is not the most used app server out there, and since its installation can be a bit non-straightforward, here are four simple steps on how to install it on an Ubuntu box:

Step 1. Download the “.bin” from Sun:

“Sun Java System Application Server”

http://java.sun.com/j2ee/1.4/download.html (I needed 8.2, but there are more recent ones)

Step 2. Change permissions, to make it runnable:

chmod 744 sjsas_pe-8_2-linux.bin

Step 3. If you just run it:

./sjsas_pe-8_2-linux.bin

It is going to complain that it is missing a standard C++ library:

./sjsas_pe-8_2-linux.bin: error while loading shared libraries: libstdc++-libc6.2-2.so.3: cannot open shared object file: No such file or directory

Having done some “apt-cache” searches ( apt-cache search libstdc++ ), found that Ubuntu has “libstdc++.so.6” in /usr/lib.
From /usr/lib run:

 sudo ln -s libstdc++.so.6 libstdc++-libc6.2-2.so.3

Step 4. Run it now, it will install Sun App Server successfully! * **

* Do not run installation as root – it will fail (for most sun app servers versions)

** If you use any form of Beryl (or some Compiz’es), disable it, or reload the window manager as a “Gnome Manager”. This is due to the fact that the installer is written in Swing, and Swing does not get along too well with some display managers.


6
Aug 08

Speed Up Ubuntu Boot Time by Starting Networking on The Background

It is quite a simple change, but it makes an Ubuntu laptop boot 2-3 times faster! What takes the most time during boot in Ubuntu (and many other Linux distros) is the DHCP discovery and DHCP timeout run by the networking startup scripts. This can of course be solved by tweaking the timeout or just configuring a static IP, however that solution is not all that elegant, just because “What if the system needs this particular timeout?” or “What if it is a laptop, and its IP cannot be static?”

The idea to solve this is simply to take advantage of concurrency. Instead of all the other boot scripts waiting for the networking script(s) to finish discovering and “timeouting” during a system boot, the network script(s) can be started in parallel, as separate child processes. This speeds up boot time, since the system no longer waits for “networking” to finish.

One thing to understand here is that networking is not taken out of the boot process – it still belongs to it (it is its child), and it still runs and does its important job – the difference is that it does so in parallel.

Here are two easy steps on how to achieve this in Ubuntu (it can be applied to pretty much any Linux/Unix distribution, however the scripts/locations will/might be different):

Step 1. Find network startup scripts:

cd /etc
 
user@host:/etc$ sudo find . | grep network
./rcS.d/S40networking
./init.d/networking
./network
./network/.interfaces.swp
./network/if-post-down.d
./network/if-post-down.d/avahi-daemon
./network/if-post-down.d/wireless-tools
./network/if-post-down.d/wpasupplicant
./network/interfaces
./network/if-up.d
./network/if-up.d/ntp
./network/if-up.d/clamav-freshclam-ifupdown
./network/if-up.d/ntpdate
./network/if-up.d/avahi-daemon
./network/if-up.d/sendmail
./network/if-up.d/avahi-autoipd
./network/if-up.d/wpasupplicant
./network/if-up.d/mountnfs
./network/if-pre-up.d
./network/if-pre-up.d/wireless-tools
./network/if-pre-up.d/wpasupplicant
./network/if-down.d
./network/if-down.d/clamav-freshclam-ifupdown
./network/if-down.d/sendmail
./network/if-down.d/avahi-autoipd
./network/if-down.d/wpasupplicant
./networks
user@host:/etc$ ll ./rcS.d/S40networking
lrwxrwxrwx 1 root root 20 2007-05-20 18:48 ./rcS.d/S40networking -> ../init.d/networking

FOUND IT: In this case the networking script that runs on startup is “/etc/init.d/networking” (the symlink target “../init.d/networking” is relative to “rcS.d”)

Step 2. Extract “start” case into a separate method:

user@host:/etc$ sudo vi ./init.d/networking

here is a “start case” in the original file:

case "$1" in
start)
	log_action_begin_msg "Configuring network interfaces"
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 120" || true
	if [ "$VERBOSE" != no ]; then
	    if ifup -a; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	else
	    if ifup -a >/dev/null 2>&1; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	fi
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 15" || true
	;;

let’s modify it by extracting the “start case” into a separate method so it can be run as a background process on the start up:

here is a “start case” in the modified file:

# adding this method so it can be run as a background process on the start up
start_on_boot () {
 
	log_action_begin_msg "Configuring network interfaces"
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 120" || true
	if [ "$VERBOSE" != no ]; then
	    if ifup -a; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	else
	    if ifup -a >/dev/null 2>&1; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	fi
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 15" || true
}
 
case "$1" in
 
start)
 
	# start networking on the background, so it does not slow down the boot time
	start_on_boot &
 
	;;

Save the file, reboot and enjoy

DONE :)

Interesting related articles:

making ubuntu boot in 19 seconds
understanding bash fork bomb


2
Aug 08

Make rails.vim Work: Compile VIM From Sources

Ever heard about the rails.vim project? “Accept no imitations: rails.vim is the one true Vim plugin for syntax highlighting, easy navigation, and script invocation for all your Ruby on Rails applications, transparently and unobtrusively” says creator Tim Pope.

The very good “rails.vim” guide can be found here or just by reading project’s vimdoc here.

PROBLEM:

There is however one gotcha for Ubuntu Hardy Heron lovers (or other modern Linux distros). Using rails.vim would result in VIM “segmentation fault” crashes similar to:

Vim: Caught deadly signal ABRT
Vim: Finished.
Aborted

REASON:

This is due to the fact that the packaged VIM that comes from some Linux distros’ repositories has old patches.

SOLUTION:

One possible solution is to download the most current VIM sources from http://www.vim.org/sources.php and compile/install them manually. Below is how it is done on Ubuntu (but should be pretty similar on any Linux distro):

1. Get vim sources:

wget ftp://ftp.vim.org/pub/vim/unix/vim-7.1.tar.bz2

(where ‘7.1’ is the current VIM version at the moment of writing)

2. Unpack it

tar -xvjf vim-7.1.tar.bz2

3. Install terminal libraries (vim needs them to compile correctly)

sudo apt-get install libncurses5-dev

4. Configure / Compile / Install

cd vim71    # the 7.1 tarball unpacks into the vim71 directory
./configure --with-features=huge
make
sudo make install

5. Point your system to newly compiled VIM:

sudo rm /etc/alternatives/vi
sudo rm /etc/alternatives/vim
sudo rm /etc/alternatives/vimdiff
 
sudo ln -s /usr/local/bin/vim /etc/alternatives/vi
sudo ln -s /usr/local/bin/vim /etc/alternatives/vim
sudo ln -s /usr/local/bin/vimdiff /etc/alternatives/vimdiff

DONE