Office 365 is coming and …

Our office is going to do a force upgrade of some sort these coming days and I don’t want to let go of one feature that I have gotten use to using. This is the journal timer in outlook. I was trying to look for a replacement but I cant find any.

Before I started this job, I was mainly using Emacs and Org for organising my projects and daily tasks and I know Org has this really nifty feature of clocking in and out with time stamps. Therefore , I might just go back to using Org however I am a bit apprehensive in how to integrate all my job related stuff since we are such a microsoft centric organization.

I guess I will figure it out . Whoever said that ” necessity is the mother of all innovation” is damn right.

Freeswitch and NAT audio issues

I am running Freeswitch from git and lately I notice that it’s not working properly. Something changed that I could not put my finger on it.

So this is my setup:

  • Freeswitch from git – I almost always update this when I can. I don’t remember when but I one of the update I did broke the thing
  • Dingaling/GoogleVoice – I don’t know if this is FS or a google voice problem. Maybe google made some changes and screwed up freeswitch
  • Debian Sid – updated all the time
  • PFsense – latest and greatest router¬†.I am doing NAT through this box. I might have made some changes that might have affected my FS . Need to investigate this.

What I have done so far:

  • I had set stun on jingle_profile and I still hear no audio , DTMF works however
  • Setting stun off disables DTMF and still no audio
  • Turned off Call Screening/Presentation
  • I am reverting to version 1.2.stable today. Before I was tracking Master.

Reverting to stable worked!

Heimdal-Kerberos,OpenLDAP and Debian

I am trying to set up Openldap and Kerberos on my server for several days now. Openldap is somewhat working since I am able to login via normal clients, however I am stuck with Heimdal.

Actually at first I went with the MIT version of Kerberos but after I read somewhere that it wasn’t a good idea I went with Heimdal instead. This is where trouble started. It seems like when I installed Heimdal ,It did not completely removed MIT . So I was left with a mess. It keeps on giving me an error that ¬†that the kdc could not be reach but I checked the firewall,nat seems to be working, netstat shows the server ports open also. It must be the dns. Restart dhcp server and client,no go. Searching web then I found out that I set the host name default in my kernel,is this it? Right now it’s set to my domain name. I am now updating my kernel to check this hypotheses.

 

Followup:

I finally was able to recompile the kernel and It seems like the default hostname was a red herring. So I kept digging and I found out that Kerberos is really very sensitive to bad DNS configuration. I read somewhere that I need to set up split-DNS in order for it to work. So off I go to the PFsense documentation. And after I set it up! Bingo!

Rediscovering the commandline with Zsh’s Bang!

I always do my thing on the commandline and I have never really mastered all the nifty power user stuff that ZSH provides.

One of this is the commandline editing command using the Bang (!) /exclamation point. This command saves one a lot of time retyping on the shell. This basically allows you to access the history file and do some cool manipulations like searching and editing.

Now I just need to practice this newly found power I have. Hurray to Zsh!

Howto make your ordinary printer an (HP) Airprint printer

I wanted our brother laser printer to work on my wife’s iphone , it turns out it’s fairly easy to do.

First one needs to install CUPS,which is the only printer server that I use. It just works period.
Then I had to add the printer. I set it up using socket://ip address per the CUPS manual. It says there socket or otherwise known as the jetdirect protocol is the fastest way to connect one’s printer so try that first. For me it worked right out of the box.

Now,in order for the printer to appear on an Iphone or an Ipad,one just needs to check off that box that says “share this printer”. That’s it! Voila! Instant Airprinting! Take note though that one must be using the latest CUPS version so if its not working try updating.

Now, there are certain apps that I notice that asks for a specific brand of printer eg coupons.com ,so when one tries to use print it doesn’t show on the list of available printer. I found a hack to make it work. It’s kinda trivial really. This is how you do it. Let’s say if I wanted my Brother to show up as an HP printer all I need to do is edit the ppd file for that printer. So go ahead and add a new printer and choose the same settings for the one you already have and just change the name and description. Now we have to find that ppd for that new printer we just added and edit that file to make it appear that its an HP printer. The PPD is really just a text file so just edit the manufacturer and model fields and it should work.

If it still doesn’t show,wait a few minutes. If not,restart CUPS and AVahi or your Iphone/Ipad.

Now if only I could print remotely,like through a VPN. . . .

Switching to FreeSwitch

freeswitch

I am taking on a new project. I already started this a week ago and It’s still really a work in progress.

So,from my title you may know that I am trying out Freeswitch. I had Asterisk for so long I can’t even remember now. I mainly use my Asterisk setup for google voice and I don’t like that their implementation breaks a lot. I really don’t know if its Asterisk’s fault but I am just willing to try out something new ,hopefully this will be a whole lot better.

A couple of days ago ,I already figured out how to get incoming and outgoing GV(google voice) calls. Now all I need is to make a few adjustments to the dialplan,if I figure this out.*crosses fingers* The dialplan for me I think is much easier to understand than asterisk ,I just need a refresher on REGEX because all the logic depends on it.

Browsing through the Freeswitch wiki ,I found that refresher on REGEX.Thanks a lot to the Freeswitch community,I feel like I am . . .home. *winks*

Linux IPSec VPN for Ipad

After about a week of googling and like a ton of hours spent on doing trial and error, I finally got a working VPN to my server. I am now able to connect successfully so I can call it rather a success. I may have to do a little more tweaking to further fine tune it though.

There is a lot of information on the web but finding the right recipe is a bit tricky.

First off, I found out that VPN per se is a PITA to setup in linux. There are a lot of stuff we can use for our server. One can use OpenSwan,FreeSwan,StrongSwan and OpenVPN . I tried OpenVPN before and I use it for a while. OpenVPN is purely in userspace so there is no kernel modules needed but most OS do not have a client builtin so one has to install their client.

Now,IPSEC is the linux kernel VPN implementation so there is a lot of benefit that I can only imagine for that. The *Swan’s are mostly right now the userland stuff that controls the kernel modules that one uses. There is a lot of misleading info out there. And most of them tells you to install one of the *Swan’s . I never tried it. I went with a much simpler approach,using just raccoon and xl2tpd.

I tried several times figuring out the proper mix of settings for raccoon and xl2tpd but I could never get it right. I was always stuck with xl2tpd closing the connection.

Reading a bit more in the web,I read that I could ditch xl2tpd all together and just do pure IPSEC. So I did a bit more tweaking and voila! A much simpler setting with only raccoon to contend with.

My raccoon config:

log debug;
path pre_shared_key "/etc/racoon/psk.txt";
#path certificate "/etc/racoon/certs";

remote anonymous {
exchange_mode aggressive,main;
my_identifier user_fqdn "redacted";
peers_identifier fqdn "debian";
dpd_delay 20;
ike_frag on;
nat_traversal on;
passive on;
initial_contact off;
generate_policy on;
lifetime time 24 hour;
mode_cfg on;
verify_cert off;
proposal {
encryption_algorithm aes;
hash_algorithm sha1;
authentication_method xauth_psk_server;
dh_group 2;
}
}
sainfo anonymous {
lifetime time 12 hour;
encryption_algorithm aes;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

mode_cfg {
network4 10.99.99.0;
pool_size 255;
netmask4 255.255.255.0;
auth_source system;
}