Archive for the ‘networking’ Category

SSH tunneling with firefox

January 22, 2010 Leave a comment

from a terminal window:

ssh user@<<ssh server>>.com -D 9000

in firefox:

go to preferences:advanced:network:Connection Settings

This will pipe all web traffic through a secure ssh tunnel, and allow access to local web resources from firefox.

Of course you want to disable that firefox setting if you’re not connected to the tunnel.

There is a firefox addon called Quickproxy that allows you to activate/deactivate the proxy settings with a button push:

And sshmenu has a great interface for quickly connecting to remote sites.

SSHMenu Screenshot

sudo apt-get install sshmenu sshmenu-gnome

Categories: linux, networking

Using pfsense with remote sip phones

January 20, 2010 3 comments

pfsense by default only allows one sip registration to be active at a time on a protected LAN. The siproxd extension allows multiple phones to coexist happily, but it is a little confusing to set up. Here is what works the best from my testing:
Firewall: Rules: WAN = none for SIP or RTP

Firewall: NAT: Port Forward = none

Firewall: NAT: Outbound = Manual Outbound NAT, using default rule with NO Static Port mapping

Reboot the pfsense machine

UPDATE: siproxd is not necessary for multiple sip reigsrations to work! The above should be adequate.

Install the siproxd package from the System:Package Manager page on the pfsense admin page.

Services: siproxd: Settings = Inbound to LAN, Outbound to WAN, Port to 5060. Expedited Forwarding on.

Reboot the pfsense machine

I am including some screenshots to help.

Click on the “e” to edit the rule.

siproxd settings:

Categories: Asterisk, networking, pfsense

How to lock down a Windows 2003 or Windows 2000 Terminal Server

January 9, 2010 Leave a comment

Here is the Microsoft KB entry for terminal session security.

Categories: networking, Windows Server

ntop and ipcop 1.4.20

November 23, 2009 Leave a comment

Download ntop addon from here:
transfer to /root on ipcop machine
from ssh session on icop:
cd /usr/lib
ln -s
cd /root
tar -zxvf ntop_ipcop_1.4.8.tar.gz
cd ntop
from ipcop gui, refresh view and choose NTOP from SERVICES menu
Click Start button, and refresh
There is a link now shown for Ntop Webinterface (http)


The ln -s  is necessary due to a change since ipcop v 1.4.18

Categories: ipcop, linux, networking

Ubuntu Server 8.04.3 – freenx setup

November 17, 2009 Leave a comment

Sorry for the brevity – it was quickly written to fill a need. I will try and flesh it out later. This is a minimal ubuntu server setup with just enough gui to function with nx client. We use these for remote access terminals on low powered equipment.

Install ubuntu server 8.04.3 from CD

only select openssh-server, use all other defaults

login and note ip address


change ssh port to non-standard port e.g. 8888

sudo nano /etc/ssh/sshd_config

change port 22 to port 8888, save and exit.

sudo reboot

From remote machine login with ssh

ssh <user>@<ip addr> -p 8888

sudo su

apt-get update

apt-get upgrade -y

–let it work for a while


log back in after a few minutes

sudo nano /etc/apt/sources.list

add this at the bottom:

deb hardy main

deb-src hardy main

save and update key, then reload repositories:

sudo apt-key adv –recv-keys –keyserver 2a8e3034d018a4ce

sudo apt-get update

Now actually install freenx:

sudo aptitude install freenx

wait 5-10 minutes for it to finish

sudo /usr/lib/nx/nxsetup –install

You should be ready to connect with NX Client from nomachine

optionally Install a few items you may need later:

sudo apt-get install gnome-terminal firefox tsclient libstdc++5

Categories: linux, networking, Software, ubuntu

Active Directory integration in Linux and OSX

August 26, 2009 Leave a comment

Likewise has a really impressive free product that lets Linux and OSX users integrate into an Active Directory environment very easily. In fact with linux I think it’s easier than with Windows!

In ubuntu you can install the likewise-open-gui package. For OSX you can download the installer package from the website and follow the 10 minute setup guide.

Categories: DIY, linux, networking, OSX, Software, ubuntu

IPCOP traffic shaping for simple, effective qos

August 4, 2009 Leave a comment

Using the default traffic shaper works really well for simple qos needs. Set your defined rtp ports (e.g. udp 3000 and 3001) and udp 5060 and udp 4569 as high priority. Add any offending traffic (e.g. gotomeeting at udp 8200) as low or medium. Takes about 5 minutes and works like a charm!

Categories: Asterisk, ipcop, networking, VoIP