Category Archives: How-to’s

Tutorials and step-by-step instructions.

Web filter testing…

We have been having filtering issues at work.  The only pattern I can see is that upon heavy Internet use (40+Mb) the filtering services have a hard time keeping up.  The problem is that Internet usage is impossible to predict so calling support and trying to reproduce the problem is nearly impossible.  Assuming I can get through at the time it is happening, by the time I update the support personnel on the other end of the phone, it usually starts working again.

Instead of fighting this problem further I came up with a quick script to see how often it really isn’t working, and record my results.

A script that loops though and hits a blocked page every ‘X’ seconds and then parses the HTML results to see if the redirect or block page was served.  This should show my reliability of our web filter during the day without detrimenting any network performance.  I whipped together a quick and dirty script with some functions from my other scripts.  It should do the trick.

We will start recording the results and see what else we can find out.  If the amount of data we are inserting is too much, maybe insert results into MySQL is in order, but we will see what we find first.

Cheap spectrum analysis for wireless

When I was going through college for networking I learned to hate wireless.  I had come to learn that it was insecure, unreliable, unpredictable, and difficult to troubleshoot.  I got into a job I love and then the wireless era began.  We are now implemented hundreds of new wireless network devices a year.  We have built out our infrastructure with a lot of time and planning and so far have been quite successful.  We use primarily Cisco equipment with some Ubiquiti back-hauls for some of our outdoor setups.  Cisco provides some very basic spectrum information, for someone who has done some in-depth work with wireless and Cisco this is enough information.  It doesn’t seem to provide any visual representation of the network which can be had to explain to upper management.  Spectrum analyzers can be thousands of dollars and for what we are doing we don’t need something that granular.  We need something to tell use when channels are overloaded/consumed with interference and if antenna’s are aligned properly during setup.

We bought a few Ubiquiti bridges a while back and noticed the AirOS product line has a built in spectrum analysis.  This is handy when selecting channels as it ensures you are not selecting a channel already in use.  We have been watching Ubiquiti for some time now and when we started running into some issues with our client wireless access I went out and bought a Ubiquiti Bullet M5 and an M2.  I think total for the both I paid about $140 (includes adapters and some antennas I had lying around).  As you might guess the M2 runs off of the 2.4Ghz spectrum and the M5 runs off the 5.8Ghz spectrum.  With the Bullets, a switch, and a windows laptop/netbook and power source we can easily run up and diagnose a problem.  This setup is also very mobile and could be brought out into the field to be worked on (barring a power source of course).

At this point in time I have been unsuccessful in getting the spectrum analysis software working in anything other than windows.

I am going to assume you can get the default information for the Ubiquiti Bullet and login.  My bullet is completely stock, no configuration needed to do what I will show you.  After logging in you get some beautiful throughput graphs and other good troubleshooting information.  There is also a drop down menu near the logout button which provides you with an AirView option.  AirView is the spectrum analyzer software.

Screenshot - 02092013 - 01:15:35 PM

Airview is a Java Network Launch Protocol application which obviously requires Java.  The analyzer in my virtual machine runs about 9 frames a second and shows pretty close to real time the actual spectrum.  Here is a 2.4Ghz snapshot of my work where our 2.4Ghz spectrum is very overloaded. Sadly this is with only a few clients in the area.

 

Screenshot - 02092013 - 01:54:43 PM

The top visual: Waterfall ViewThis is a good representation of channel utilization over time.  You can clearly see if a client is connected and on what channel.

The middle visual: Waveform View
This is a good visual of how often you get a signal at a certain power or signal strength.

The bottom view:  Real-time View
This is good for seeing what is happening right this second compared to the average and maximum power levels recorded.  After letting this run for a few minutes you can compare spikes and hopefully identify any problems.

I plan on using these to make future recommendations to clients and potential trend information over a period of time.  This could help identify possible interferers that could be as simple and intermittent as a microwave.  These pictures will be invaluable when trying to explain to upper management how or why we are having problems, and what should be done to correct it.

 

Quick and easy MSRDP script

I love Linux, but as we all know we have to work on windows computers usually on a day-to-day basis.  We have servers we constantly have to RDP (remote desktop) into to work with active directory, etc.  The Terminal server client in 10.04 was all buggy and when you closed the window it would reconnect in 30 seconds.  This was especially annoying when you left a session open on your locked computer on the other side of the building and needed to hop on real quick to do something.

ubuntu-Terminal-Server-Client

I found out that the problem was that certain libraries had bee updated and caused this bug.   I decided using rdesktop for a while would suffice and created a launcher on my panel to run this command.  It wasn’t pretty for the longest time, a bash terminal asking for usernames, etc.  I really didn’t like it.  I stumbled across zenity a while ago and decided to use that to hide the password and pass that to the rdesktop command.  It is pretty simple actually.
I prefer to hard-code my username and domain in so that I don’t have to constantly fill it out, however more zenity windows could easily be added if more security or flexibility would be needed.  I saved this into a script, made it executable, and then created a launcher to run the script.  I haven’t spent much time on it but I could not just put this code into a launcher and run it (on XFCE, I suppose other frontends like gnome2 or unity might work).

The code above in a launcher provides these dialogue boxes:

Username

password

 

Zenity provides a lot of flexibility in bash scripting so end users don’t have to see a techy/confusing bash window to do something simple.  Zenity options:

We will definitely be using zenity to make some things more user friendly…

Linux Vinyl Plotting With A Gerber enVision Plotter

I recently had the opportunity to work with an older Gerber enVision plotter from a township.  I had major difficulties getting the old version of Omega working with their USB licensing stick, and I knew that getting anything like this working on Windows without proper licensing would be an inadvisable, and rocky road ahead.

I decided to look into open source solutions, and I found out that Inkscape can do vinyl plotting with an extension called InkCut.

This tutorial will attempt to comprehensively explain how I got this working.  I am by no means an expert, but I found very limited web resources out there on this topic, and I am hopeful that someone will eventually stumble on this article and find it useful.

Background
A simple, free, and open source solution to an expensive and complex problem: How do we plot stuff with our vinyl plotter?

Assumptions
This tutorial will assume that you have some prior experience with the Linux terminal and the Linux desktop.  On my test computer, I was working with a clean installation of Ubuntu 12.04 (12.04.1) LTS.  However, any Ubuntu or Debian flavor should be acceptable.  I am also assuming you have an older Gerber enVision series plotter.  If this is not the case, I imagine most of these instructions will apply fairly well to any kind of vinyl plotter.

The Plotter
Here are some photos of the Gerber enVision plotter I was working with.

2013-01-01 13.20.33

2013-01-01 13.20.42

 

The plotter interfaced with the computer using a serial connection.

Ubuntu & This Plotter
In order to establish proper communications between the computer and the plotter, I had to ensure some things were true.  I reset my plotter to the factory default settings, which resulted in a condition where I could assume this about my serial connection:

Baud: 9600
Data Length: 8
Parity: None
Stop Bit: 1

In order to ensure communication with non-root users, I took a questionable approach, and I decided to:

This did not need to be a very secure environment (we didn’t even password protect the workstation’s desktop) so I figured this would be a reasonable approach, rather than troubleshooting why CUPS was getting permission denied errors while printing to the serial port.

Configure The Plotter In CUPS
To install this plotter in CUPS, you’ll want to open up your Printer configuration area from the System menu.

Click “Add” to add a printer.

CUPS Add A Printer

If you don’t have the option for “Serial Port #1”, then use the Device URI “serial:/dev/ttyS0“.

Serial Printer

 

You will want to select Generic as the make of printer.

Generic Printer

 

Then, select “Raw Queue”  This will work with InkCut providing the HPGL instructions.

Generic Printer - Raw Queue

Obviously, it doesn’t matter what you name your plotter, or what description you give it, just give it something that makes sense.

Finalize Printer Settings

Install Inkscape

Next, we want to install Inkscape.  You can do this from Apt on Ubuntu, as such:

Once you’re done with the installation, start Inkscape for the first time.  This will create blank default configuration folders in your profile which are necessary for the next step.

Inkscape

 

Then, go ahead and close Inkscape, and move on to installing InkCut!

Install InkCut
You can download the latest version of InkCut from their website.  At the time of this writing, the version is 1.0, and can be found here.

Once you’ve downloaded InkCut, go ahead and extract the file using this command.  It will put the files right where they need to be for you!

Now, when you start Inkscape, you should see InkCut on the Extensions menu, under Cutter/Plotter.

InkCut

Screencast How-To’s
 I have also created some screencasts to explain how to set up the document for your plotter, as well as how to plot some basic text.

Document Setup – Screencast
(Download OGV)

Let’s Plot Some Text! – Screencast
(Download OGV)

Remember, when plotting your text, you need to make sure your objects are converted to paths, by highlighting your text and going to Path > Object To Path.  You also want to make sure your paths aren’t grouped, by right clicking each block of text and clicking Ungroup.

Then you should be good to go to Extensions > Cutter/Plotter > InkCut v1.0 and start plotting!

Installing Zimbra Collaboration Suite On Ubuntu 12.04

Background
Zimbra Collaboration Suite is a fantastic email and collaboration solution made by VMware.   Zimbra is my email server solution of choice, because it’s very easy to setup, and the features you get are unmatched by other open source email solutions.  Ubuntu 12.04 is the current Ubuntu LTS, which will be supported for servers until 2017, so this is a great time to use it on a server you don’t want to have to take offline for frequent updates, like a mail server.

How is Zimbra different from SquirrelMail or RoundCube?
Popular open source solutions for webmail are SquirrelMail and RoundCube, which interface with an existing IMAP \ SMTP server to provide webmail access.  Zimbra is a fully integrated mail solution, which sets up a POP, IMAP, and SMTP server, and provides HTTP and\or HTTPS webmail out of the box.  Zimbra also provides a desktop AJAX, desktop HTML, and mobile HTML access option set.  No matter what device you’re on, you can access your webmail in a friendly way.

Other Features of Zimbra
Zimbra offers a number of other features, such as:

  • Address Book
  • Calendar
  • Tasks Management
  • File\Document Briefcase
  • File\Document\Folder Sharing
  • Incoming Email Filtering\Antivirus
  • Social Media Integration

You can look at the official list of features, and other information, on Zimbra’s website.  This is their page on the Open Source Edition.

 

Installing Zimbra Collaboration Suite 8.0.2 Open Source Edition on Ubuntu 12.04
If you’ve decided that you’d like to try Zimbra Collaboration Suite, let’s get on to the installation!

Install Dependencies
These packages will be necessary for Zimbra to be installed on your system.

Download Zimbra ZCS
At the time of this writing, you can use the link in the Code box below.  As this tutorial ages, and newer versions of Zimbra are released, you will want to go to the download page and get the latest link.

zcs-wget

Extract The Downloaded Archive

Enter The Folder You Extracted

DNS Configuration
If your DNS was not setup properly, you might get an error like DNS Error resolving yourhostname.com.  There is an error which will follow regarding your MX configuration.  These errors are OK to ignore, as long as you’re not planning on using your hostname to send\receive email.  You can add properly configured domains later.

However, you do want to make sure this domain name can be resolved.  Put it in /etc/hosts for 127.0.0.1 if necessary.  If you do not do this, you will encounter an error during the final setup stage.

Run The Installer

Press Y and hit enter to agree to the license agreement.

ZCS-install-1

 

Now, if you installed all the dependencies at the start of this tutorial, you should have everything you need!

ZCS-Install-2

 

If you aren’t sure what you want to install, then just install the items as suggested.

zimbra-ldap – Yes
zimbra-logger – Yes
zimbra-mta – Yes
zimbra-snmp – Yes
zimbra-store – Yes
zimbra-apache – Yes
zimbra-spell  – Yes
zimbra-memcached – No
zimbra-proxy – No

When asked if you want to continue, press Y and hit enter to proceed with the installation.

ZCS-Install-3

The Zimbra installer will take care of extracting and installing the packages for you.  This part of the process might take some time, depending on the speed of your machine.

 

Configuration Menu
Go through all of the items on the configuration and make sure they are what you want.  I like to make sure these options are set:

Don’t stress out about the domain names too much, you can add additional domains to your email server later, very easily.

  • Common Configuration > Hostname\Ldap Master Host — Should be your server’s main domain, like mydomain.com.
  • Common Configuration > LDAP Admin Password — The administrative password for Zimbra’s LDAP Server.  Make it something you’ll remember if you ever think you’ll want to integrate anything with the built-in LDAP later.
  • LDAP > Domain To Create — Should be your server’s main domain, like mydomain.com.
  • LDAP > LDAP Root\Replication\Postfix\Amavis\Nginx\Bes Searcher Passwords — I like to change these too.
  • Zimbra Store > Admin User\Password — These will be used to login to the Zimbra Admin Area.
  • Zimbra Store > Spell Server URL — Make sure this is a web address that can be accessed, it will be used when people press Spell Check.
  • Zimbra Store > SMTP Host — Should be your server’s main domain, like mydomain.com.
  • Zimbra Store > Version Update Email Addresses — Should be an email address for an administrator.

When you’re satisfied with all of your settings, press “S” and hit enter to write your settings to the configuration file.   The default file location is fine.   Then press “A” and hit enter to apply your settings and start the server!

Zimbra will ask you to confirm the changes to your system.  Type “Yes” and hit enter.

Zimbra will now run through an installation procedure, which may take a few minutes, depending on the speed of your machine.

If all went well, Zimbra is now installed on your server.  If it didn’t, you will be given a log file location, where you can look and see what might have gone wrong.

 

Firewall Rules
Hopefully your server has, or is at least behind, a firewall solution.  If so, these are the ports you should definitely be unblocking for the proper use of your server.  These ports are assuming you’re running a default configuration, and you did not change your ports during the setup procedure.

Webmail: 80/tcp for standard access, 443/tcp for encrypted access.
Administration Console: 7071/tcp (can be blocked in the firewall if you only plan to do administration over VPN, locally, etc)
Aspell: 7780/tcp (Zimbra runs a spell check server on this custom port, which users will access when they press the Spell Check button on the web interface)
SMTP: 25/tcp for standard access, 465/tcp for encrypted access.
POP: 110/tcp for standard access, 995/tcp for encrypted access.
IMAP: 143/tcp for standard access, 993/tcp for encrypted access.

 

Accessing Your Zimbra Server
You can login to your Zimbra accounts for webmail access at your Zimbra server’s IP or DNS on the standard https port 443.  You can access your Administration Console over HTTPS using port 7071.

Point your web browser to http://your.zimbra.server.ip:7071/

Zimbra Admin Console

Once you’re logged in, your admin interface will look something like this.

Zimbra Admin 2

The Zimbra setup procedures in the web interface are very straightforward, and are up to you to play with on your own now that Zimbra is installed and working!