Tag Archives: network

Watching IPlayer outside the UK

Tor is an anonymising network which allows people living in restrictive regimes to access the internet with relative impunity. If you know what you are doing you can use it to give yourself a UK IP address and watch BBC telly via IPlayer. This article tells you how to achieve same.

Why use Tor over other solutions? – Because it’s free, and because it won’t contain ads or malware, being an Open Source program.

What does this do? – It uses Tor’s Browser Bundle to connect the included web browser through UK only Tor exit nodes, which fools BBC IPlayer into thinking you are in the UK. The actual streaming still goes direct to your real IP address through Flash Player, so don’t use this if you want to remain hidden/anonymous, as it will definitely give you away!

My particular circumstances are that I am an English expat living in Ireland, but even though I can watch BBC channels through Sky or Freesat, the BBC block Irish IP addresses from IPlayer.

The steps are:-

  1. Download and extract Tor’s browser bundle.
  2. Manually copy the flash plugin into the Tor browser plugin directory.
  3. Enable plugins in Vidalia.
  4. Edit Tor’s config to only include UK exit nodes (preferably those with good bandwidth)

Postfix and network biopair interop: error reading x bytes from the network: connection reset by peer

Lately I have been getting “network biopair interop: error reading x bytes from the network: connection reset by peer” in my mail server logs, and my email client unable to send. My email client is Thunderbird configured to send via TLS. Googling the error doesn’t reveal very much other than it’s probably a transient network error/problem, or a broken TLS implementation at the client end, and that developers can be snooty. This is the second time I’ve had the problem. The first time I just disabled TLS and enabled CRAM-MD5 password authentication, so at least the password is sent encrypted. Today I decided to get serious, and find an ultimate answer to the problem.

Trawling through the various mailing lists reveals that “network biopair”, whatever that is, has been removed from Postfix as of December 2010, v2.8. Admittedly a bit of a long shot, I decided “what the hey” upgrading to Postfix 2.8 isn’t going to make things any worse, and it may sort the problem out.

The next problem then was how to upgrade to version 2.8, my mail server runs as part of an LXC container. Upgrading LXC containers is difficult because new versions of upstart, udev, ifupdown et al like to recreate device nodes, change init scripts and what not. Assuming you’re able to successfully complete the upgrade you will still probably be left with a container which doesn’t boot properly, or at all. I was hoping to stay with Lucid Lynx in the container, until support runs out, in the hope that the LXC boys would have made upgrades smoother by then, but how could I easily update to version 2.8 without either running from source, or running the gauntlet of the container upgrade? Further googling revealed that version 2.8 is available via backports so in /etc/apt/sources.list I added the following line and upgraded:-


deb http://ie.archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse

It’s too early to say whether the problem is completely fixed. If it isn’t I will remove this post!

Howto share your internet connection in Ubuntu.

Since Ubuntu 9.10 Karmic Koala, Ubuntu has an inbuilt way of sharing any connection. There are a couple usage scenarios for this:-

  1. You want to share your mobile broadband connection with other computers on the network
  2. You want to use your Ubuntu machine to extend your network wirelessly e.g. Your laptop is connected to the network via it’s wireless adapter, which is then connected to another machine via a CAT 5 or CAT 6 cable, enabling the other machine to connect to the network and internet.

I wouldn’t envisage using this to share a DSL broadband connection since most people will already be using an ISP supplied router to do this.

Using it is as simple as enabling the method “Shared to other computers” in the network connection in network manager.

This turns your machine into a mini DHCP/DNS server and starts handing out IP addresses in a 10.x.x.x address range. The machine then NAT/routes any traffic coming in on that interface and forwards it to the networks real gateway. I’ve used it a few times now and it works well.

 

Stream a DVD in Ubuntu

In order to watch a DVD on a device which doesn’t have a DVD drive, it’s possible to stream it from another device which does, through the network. For instance in our house we only have one laptop with a DVD drive. This is the main and most powerful machine which I use for day and nighttime work. When the children want to watch a DVD upstairs in bed (we don’t allow them have TV in their room) I use VLC to stream from my laptop, instead of playing directly, so I can keep working away.

Before we start, obviously, make sure VLC is installed on both devices either by Ubuntu Software Center, Synaptic or apt-get, whichever takes your fancy. On the machine with the DVD drive, we’ll call this the “server”, you simply type/paste one command in, then at the drive-less end, let’s call this the “client”, you run the VLC GUI and tell it where to listen for the stream. So on the server type/paste:-

Continue reading

Ubuntu as a wireless 80211g/n access point/router

Following relatively recent improvements in the Linux wireless stack and driver support it is now possible to setup a Linux machine as an access point, even if you don’t have an Atheros chipset (which was historically the case). Support is patchy but I would say there is a good chance you can do this if you have purchased a laptop with built in wireless in the last 2 years. It is even possible to set one up with a USB wireless adapter (which even Madwifi couldn’t do) if you have an Ralink chipset.

Why would you want to do this? Well, there aren’t that many reasons considering ISP’s routinely hand out wireless routers these days, but I will give you a couple:-

Continue reading

Setup DNS, DHCP and Content Filtering using DNSMASQ and HAVP in Ubuntu.

The idea here is to setup DNSMASQ and HAVP to provide DNS, DHCP and content filtering in a Windows 7/Vista/XP client environment on Ubuntu Server Edition. DNSMASQ is a light package which will provide DNS caching and DHCP to a network (amongst other things). HAVP is a proxy server which uses a third party virus scanner (usually ClamAV) to scan internet content for viruses. This assumes that you already have Ubuntu Server Edition installed on a suitable machine and have a working internet connection. In the settings “192.168.1.254″ refers to this machine which is acting as a router/firewall, you could equally set it to the ip of another router on the network. “192.168.1.253″ refers to the ip of a Windows server. First off install DNSMASQ:-

apt-get install dnsmasq

Edit “/etc/dnsmasq.conf”:-

nano -w /etc/dnsmasq.conf

We now need to set the relevant options:-

Continue reading

A cost effective alternative to KVM over IP switches

Whether in a co-location centre or at a remote site, looking after a server when you aren’t there in person can be a challenge, particularly if you are conscientious and update your servers regularly – updating a Windows server almost always requires reboot, updating a Linux server will require reboot if the kernel has been updated. What happens if the server doesn’t come up after said reboot? This happens more often than might be expected, so I find it desirable to have a way of accessing the server even if the operating system isn’t available. Traditionally this would be provided by a KVM over IP switch, which redirects Keyboard, Video and Mouse input/output via a web server integrated into a box. KVM over IP switches are expensive (the cheapest one I could find at time of print was €250 and doesn’t work well with mice IMO). However, there is an alternative which is elegant and affordable …

Continue reading

Wake On LAN over wireless

What is it?

Wake On LAN is a mature technology for switching on computers over a network or remotely.

Why would I want it?

Perhaps you are a techy such as myself and you want to be able to switch customers computers on and work on them remotely (saves having to tell people to leave machines on if you are working after hours).

I also use it to switch on my Ubuntu machine upstairs when I am downstairs (saves me or my better half having to wait for boot or to get a file to or from the machine without physically going up there).

Is it easy to do?

Yes when you know how ;)

Before I go any further I will mention a caveat. Almost all of the WOL howto’s out there mention using a “magic packet” packet to wake the machine. Unfortunately I found out after much head banging and googling “magic packet” doesn’t work over wireless networks, apparently because wireless frames screw the magic packet up so that the wakee doesn’t recognise it any more.

So if you want to use WOL by sending the wake up through a wireless network your options are limited and it depends on the network card you have. At least 2 of the cards I have support a variety of WOL options “pumbg” and the other one only supports “pg”.

  • P stands for PHY activity
  • U stands for Unicast activity
  • M stands for Multicast activity
  • B stands for Broadcast activity
  • G stands for Magic Packet activity

Firstly I tried phy activity that had the unfortunate effect of starting the machine every few seconds. Then I graduated to broadcast which started the machine periodically (my thick wireless router is sending out broadcasts every hour or so). Eventually I settled on unicast here is how to get it working.

Continue reading

The importance of a minimal firewall.

I have long been an avid user of the well known interface to iptables – Shorewall. Of late though I have suspected it is slowing my network down. I once decided to see what actual iptables rules it was creating and ran “iptables -L”. There was a lot of output and I wasn’t sure was all of it necessary. It niggled away at the back of my brain for the last few months, and I decided yesterday it was time to do something about it.

I first looked at another “user-friendly” interface that would perhaps give me more control and proper ipv6 support, so I installed Firewall Builder. However it seemed quite complex and after spending some time trying to get to grips with the interface I decided it would be easier to type the rules in manually and anyway that would be the only way I was 100% sure everything in there was needed.

I familiarised myself with the Packet Filtering HOWTO and thought the easiest thing to do would be use “iptables-save” to copy the existing Shorewall rules into an iptables friendly format. The resultant file was 9k long and appeared to have a lot of user defined chains for no good reason. It also didn’t make good use of the multi-port option for tcp connections and therefore there were dozens of rules where there only needed to be one.

Continue reading