<corruptmemory>

A little while back, when I was first getting stuff together to get this site up and running I wrote about my adventures setting up an ActionTec MI424WR that I had gotten from Verizon as part of a FiOS package using OpenWRT.  Although it was a hacky solution it worked reasonably well.  Well, my two-year contract ended in January and now being February the router just had to take revenge on me for leaving Verizon and killed itself.  That just sucks.  Among other things it took my web site (this one ;-) ) offline.  So after some digging I came upon the Buffalo WHR-HP-G54 as a replacement.  It seemed to have good support with OpenWRT, so I gave it a shot.  Bottom line: great little box.  I’m not using it for wireless, but it has a radio “booster” for extra range.  Right now my house is saturated with WiFi and wired to the nines, but I needed a nice router I could rebuild my Internet access on.  I installed the latest Kamikaze image on it.  After toying around with the Web UI I quickly found out that the firewall config system was still not up to snuff.  It kept exposing router ports to the the Internet, not what I had in mind, but simply rebuilding the firewall with the original script from my earlier blog post and things just clicked.

Back in business baby.  Now I have a reason to finish my accumulating list of articles.

Tags: Internet, Maintenance

Still, a work in progress, but the main part of the site (outside of the blog) is now running within a heavily hacked version of gitit, a wiki engine written in Haskell. Since I’ve been learning about Haskell recently what better way to play than on the Web site? Seriously John MacFarlane is brilliant! Not to mention the HAppS folks as well.

Haskell is a wondrous language, and definitely the hardest one I’ve decided to learn in quite a while. I played around with Haskell and SML/NJ many many years ago (1991-1994 time-frame), and I really liked what I saw. Recently, though I’ve been thinking hard about programming and languages again, especially building large systems easily, and purely functional languages figure prominently in my thinking at the moment.

Tags: Haskell, Maintenance, Software Engineering/Programming

Woo hoo!

Other than a couple minor hiccups (all of them were dealt with running restorecon -vR [dir] things went very smoothly (although a bit slowly ;-) ). Thanks Fedora folks! Also, thanks to all those FLOSS projects that make distros like Fedora possible!!

Tags: Maintenance

Well, last night had a brown out or power-surge or something but it locked up the router and my switch. Ugh. Then it also froze the laptop that runs the site — a first!

Everything seems to be back to good health.

Tags: Maintenance

It has been a while since I updated the blog, apologies to all you loyal readers: been doing some Merb hacking on the site, and finally got a version of my resume up, now I’m sure to get a job! ;-)

Anywho, I do have some essays/entries lined up:

• A Merb tutorial/HOW-TO — No joke I got a hit from a Google search (Woo hoo! Google knows I exist!) looking for a Merb tutorial, and I have none! I can’t let that stand!
• An essay on Web development and ideas on how to build big
• I have been following a lot of the work that Jonathan Haidt has been publishing recently, and looking at the criticisms that Sam Harris has been making of that work. I have a number of opinions to share in this subject. In the mean time check out Jon Haidt’s web site and the Moral Foundations site, really good stuff.

Sorry for the radio silence. Looking for work that doesn’t suck, and hacking code for this site take their toll on my attentions. Fun on its way!

Tags: Ethics/Morality, Hacking, HOW-TO, Maintenance, Software Engineering/Programming

Well, thanks to some nice friends ;-), it was shown to me that the theme for the site was not working out as well as I would have liked under IE. Grrr. So, installed XP in a VirtualBox instance and went about trying to fix it. Well, I wasn’t all too thrilled as to how the original theme was doing layouts (lots of big float-ed elements with some rather hacked padding/margin values), but under FireFox everything looked fine. Also, my bad, I didn’t do some reasonable size tests.

Long story short: IE still cannot do a good job laying out DIVs with CSS! I had to cut my losses and insert a layout table to contain the two columns. Argh! Anyway, under IE¹ things look better as parts of the content are no longer being cut off.

Enjoy!

1. People please! Get a decent browser! Stop promoting a product and company that refuses to abide by or even constructively help the development of standards, and aids in the spreading of viruses and spam (then sells you products to fix the problems that should not have been there in the first place)! Get yourself FireFox or Google Chrome, even Opera which is still blazingly fast, just stop using IE. [↩]

Tags: Maintenance, Web

After much ado and waiting, my old information has been cleared out of Google’s systems and I was able to successfully link corruptmemory.com to my existing Google Apps instance. Other than the long wait Google Apps is simply “da bomb!”

Anywho. I have everything squared away with the login system so, anyone who is interested can sign up and contribute!

I also did some more tweaking on the theme to move the login to the top and all, perhaps I’ll write a nifty AJAXian logger-inner, but argh! So much to do and I still have to friggin’ find a job! (yes, I’m currently unemployed).

The next priority is to get a simple app written for controlling the rest of the site and fill out some content. I have some code that could be made ready with a few hours work that I think people will find useful.

Anywho: Come! Sign-up! I promise some heady content soon enough, stand by!

Tags: Google, Internet, Maintenance, Web

Yarg! Google still has not cleared out the corruptmemory.com domain information from their systems, as discussed here.

Tags: Google, Maintenance

Did some behind-the-scenes work tonight. Getting git¹ repositories in order. Broke stuff up into public and private repositories. Upgraded version of WordPress. Also, getting ready for a major fork of the theme. The theme of this site is based on the Stardust theme by Tommaso Baldovino. The original theme is a bit too big in a lot of places. I liked the 2-columns layout and “variable” size (why do people use fixed-sized layouts? I will never understand), but some more tweaking is needed. Firstly, the layout uses PNGs, I have no idea how the site renders on IE since I only have GNU/Linux available to me at the moment. Secondly, there are a number of image overlay tricks that are not always working (like on my Android Web browser).

Also, beefed up startup script on router. More on that in the future. For now: bed.

1. Git really is wonderful, wished I pushed harder to move to it at DRR, ahh well [↩]

Tags: Hacking, Maintenance

Now since I have my new-fangled cable Internet service¹ with my 5 static IPs I got to work figuring out how to best use this new techno-inter-magic while trying to keep my expenditures as close to $0 as possible.

For a server I’m going to use my old Compaq laptop², after all, it has a built-in UPS! (not that the rest of my networking hardware that is needed to keep a site up in the eventuality of a power failure has a UPS ;-).) Also, it is the next machine I have that is outfitted with 2GB of RAM. For this I installed Fedora 9.

The real problem was the router. Optimum provides a router (Cisco 800-based), but it’s all locked up. The only thing this puppy does is expose to my network the 5 raw, completely unblocked IP addresses³. Ideally I wanted one piece of hardware that can NAT firewall my network but where I could manage multiple external (WAN) IP addresses. All the routers I had with their intrinsic software aren’t intended for this purpose: they’re “consumer grade” after all – just for connecting to broadband. Fortunately, there are a lot of good hackers out there that realize that this perspective from vendors is pure nonsense. Those hackers have come up with their own firmware replacements for many devices.

The options I had available to me were:

• NetGear FVS114
• Linksys WRT54G1S V7
• ActionTec MI424WR⁴

The places I look for some firmware goodness were OpenWrt and dd-wrt.

The NetGear would be ideal because it does not have wireless capability so I would not be sacrificing anything when I put it down the basement, but no-dice. The Linksys is a no-go on OpenWrt because the “brain trust” at Cisco decided to go with a proprietary OS for all newer versions of the WRT54 series after version 3 resulting in a smaller amount of flash making it is harder to build a decent system. However, dd-wrt has a micro version that fits in the V7 WRT54. Downloaded it, flashed it, held breath, and YESS! It worked! For sure the dd-wrt ROM is a significant improvement over the intrinsic firmware: you get performance graphs, real DMZ support telnet to a BusyBox shell, and a whole lot more. But this is the “micro” version. A number of things have been stripped out like many command line tools (ls for instance) and no ssh server, only telnet. It would be possible to proceed with the Linksys, but I wanted to see if what could be done with the ActionTec. Well, OpenWrt can be made to work! Just not so easily, but after carefully following instructions⁵, reading a ton about Redboot (VERY COOL BTW) I got the puppy to boot Linux! After a little more hackery⁶ I got the OpenWrt image to boot into a Linux system on power up.

On a side note: like all good Linux distros both OpenWrt and dd-wrt can be extended through community created packages. OpenWrt actually has a package manager opkg that works a lot like aptitude or yum, very sweet.

The only problem I ran into with the ActionTec setup was that you install a very bleeding edge image, and the Web-based UI tools and boot scripts do not set up NATing and the firewall correctly no matter how many pretty web pages you fill out. But never fear! This is Linux! I just installed my own boot script after the networking script and poof! working firewall and packet forwarding!

Here’s my script (stored in /etc/init.d/custom_rules)

START=45
LAN=eth0
WAN=eth1
VWAN0='<some ip>'
VWAN1='<some other ip>'
WEB1='<internal server 1>'
VPN='<vpn server>'
 
start() {
	/usr/sbin/iptables -I INPUT 1 -i ${LAN} -j ACCEPT
	/usr/sbin/iptables -I INPUT 1 -i lo -j ACCEPT
	/usr/sbin/iptables -A INPUT -p TCP -i ! ${LAN} -d 0/0 --dport 0:1023 -j DROP
	/usr/sbin/iptables -A INPUT -p UDP -i ! ${LAN} -d 0/0 --dport 0:1023 -j DROP
 
	/usr/sbin/iptables -I FORWARD -i ${LAN} -d 192.168.0.0/255.255.0.0 -j DROP
	/usr/sbin/iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -j ACCEPT
	/usr/sbin/iptables -A FORWARD -i ${WAN} -d 192.168.0.0/255.255.0.0 -j ACCEPT
	/usr/sbin/iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE
	/usr/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -i ${WAN} -d ${VWAN1} -j DNAT --to ${WEB1}:80
	/usr/sbin/iptables -t nat -A PREROUTING -p tcp --dport 22 -i ${WAN} -d ${VWAN0} -j DNAT --to ${VPN}:22
}

The command-line environment in OpenWrt is much nicer than the “micro” dd-wrt envirement: vi, ls, and most typical command-line stuff you would expect is there. All the config stuff is in nice text files located under /etc/config. The root file system is a mount of the flash ROM image using jffs the file system especially designed for flash – all my changes are persistent as one would expect. Very sweet.

One warning – the OpenWrt firmware does not properly support the ActionTec wireless chip at the moment, but that is not a loss for me since I would have disabled wireless anyway for this puppy.

So now I have Linux all the way out to the borders of my network, and life is good.

1. Optimum Online Business Service [↩]
2. Compaq R3000 [↩]
3. Not strictly true, but after a couple of phone calls all of my ports were opened up. [↩]
4. Interestingly enough, Actiontec used software released under GPL (BusyBox), and were involved in a lawsuit for non-compliance. Fortunately, the suit was resolved in a way that resulted in Actiontec releasing the source code to their router. [↩]
5. http://wiki.openwrt.org/Hardware/Actiontec [↩]
6. Redboot supports setting a startup script. Redboot boots first then loads the Linux image. [↩]

Tags: Embedded systems, Fun, GNU/Linux, Hacking, Maintenance