Simple but extremely efficient network setup

I need to set up a small network, with about 15 people racing on a 1 Mbps internet connection.
The objective is to have high-priority access to the company resources, such as the company website, email, webmail etc., and give reasonable access to other resources.

My recipe is rather simple:

1. Linksys WRT54GL.
2. Tomato firmware.
3. An old Pentium box loaded with Fedora Core 5 (or any Linux distro).
4. OpenDNS.

The old Pentium box is not really necessary here. It was a spare machine, so I just turned it into a web proxy.

The Linksys router is loaded with the Tomato firmware. It works pretty well, and the QoS feature is sweet. QoS is very important in this setup, as I need to shape all the traffic passing through it and make sure company access gets the fastest possible speed. It took some time to figure out and configure exactly what I wanted, but it was well worth the time spent, compared to doing it on the Linux box over the command line.

I turn the DHCP service OFF on the Linksys router, and use the Linux box's DHCP service instead. This allows me to trick everyone into treating the Linux box as the router, instead of using the real router.

If your Linux box has no DHCP server installed, try:

yum install dhcp

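Edit the /etc/dhcpd.conf file. The DHCP configuration looks like this:

# The Linux box (10.1.1.10) is handed out as both DNS server and default gateway
option domain-name-servers 10.1.1.10;
option broadcast-address 10.1.1.255;
option subnet-mask 255.255.255.0;
ddns-update-style ad-hoc;
option routers 10.1.1.10;
subnet 10.1.1.0 netmask 255.255.255.0 {
    # dhcpd expects the range as lowest address first, then highest
    range 10.1.1.20 10.1.1.250;
}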

All traffic passes through the Linux box, and is then routed out by the Linksys router.

Then I hijack the HTTP traffic arriving on port 80 of the Linux box and redirect it to port 3128, which is where I have my Squid cache running.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128


By doing this, you will have to turn off the Apache service on the same box, or make sure it listens on another port instead of 80.

If your Linux box has no Squid installed, try:

yum install squid

Make sure Squid has been configured as a transparent proxy by adding the following lines to /etc/squid/squid.conf:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

To make sure the users do not abuse the traffic, you can set your router or the Linux box to use the OpenDNS IP as the DNS, and disable many of the counterproductive websites easily. That's what I meant by allowing reasonable access to other resources. It is rather easy to filter unwanted websites with the Tomato firmware too.

The Linux box with Squid also complements the Tomato firmware nicely, as Tomato keeps no log of which URLs the users have accessed. By enabling the Samba service on the Linux box, the Tomato data can be backed up to the Linux box periodically, without worrying about losing the network statistics after a reboot. The network usage information on the Tomato firmware is rather interesting.
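To show what the Squid log adds on top of Tomato's counters, here is an added example (not part of the original post) that parses Squid's native access.log format and reports bytes per client, bytes per site, and how much of the traffic was served from cache. The sample lines, addresses and host names are constructed for illustration; on the real box you would feed it the contents of Squid's access.log.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native access.log format.
# Fields: time elapsed client action/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1222850001.123    210 10.1.1.21 TCP_MISS/200 15320 GET http://www.example.com/ - DIRECT/192.0.2.10 text/html
1222850002.456      3 10.1.1.22 TCP_HIT/200 15320 GET http://www.example.com/ - NONE/- text/html
1222850003.789    950 10.1.1.21 TCP_MISS/200 804211 GET http://video.example.net/clip.flv - DIRECT/192.0.2.20 video/x-flv
1222850004.012      5 10.1.1.23 TCP_MEM_HIT/200 4096 GET http://www.example.com/logo.png - NONE/- image/png
1222850005.345    120 10.1.1.22 TCP_DENIED/403 1450 GET http://blocked.example.org/ - NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    f = line.split()
    if len(f) < 10 or "/" not in f[3] or not f[4].isdigit():
        return None
    action, _, status = f[3].partition("/")
    host = urlsplit(f[6]).hostname or f[6].split(":")[0]  # CONNECT logs host:port
    return {"client": f[2], "action": action, "status": status,
            "bytes": int(f[4]), "host": host}

def summarize(text):
    """Bytes per client and per host, plus the share of bytes served from cache."""
    per_client, per_host = Counter(), Counter()
    hit_bytes = total = skipped = 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:          # count damaged lines instead of crashing on them
            skipped += 1
            continue
        per_client[rec["client"]] += rec["bytes"]
        per_host[rec["host"]] += rec["bytes"]
        total += rec["bytes"]
        if "HIT" in rec["action"]:   # TCP_HIT, TCP_MEM_HIT, TCP_REFRESH_HIT, ...
            hit_bytes += rec["bytes"]
    return {"per_client": per_client, "per_host": per_host, "skipped": skipped,
            "hit_ratio": hit_bytes / total if total else 0.0}

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for client, size in report["per_client"].most_common():
        print(f"{client:15} {size:>10} bytes")
    print("top site:", report["per_host"].most_common(1)[0])
    print(f"cache byte hit ratio: {report['hit_ratio']:.1%}")
```

On a 1 Mbps link, the per-client totals show who is using the bandwidth, and the byte hit ratio tells you whether the cache is actually saving any.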

Voila, the network is set to go.
(And nobody knows that I have deployed a transparent proxy and second-level router on them so far ;) )

How to buy an expensive, energy saving light bulb on the cheap

This is how you can buy an expensive energy saving light bulb on the cheap.

Step 1: pick the expensive energy saving light bulb that you want to buy (the LED ones are even more expensive if you wish).
Step 2: find a cheap tungsten light bulb, and make sure its box can fit your expensive light bulb entirely.
Step 3: swap the two light bulbs.
Step 4: take the cheap tungsten light bulb packing (now with the expensive energy saving light bulb in it) to the counter and pay up.
Step 5: there is no step 5.

Easy right?
The saving is great: you could be paying RM 5.00 for a RM 25.00 light bulb. Not to mention that the energy saving light bulb may halve your electricity usage in the long run.

I learnt the trick a few days ago when I was hunting for some new energy saving light bulbs.
I grabbed 2 light bulbs from the shelf, took them to the testing area, and realized that one of them had a cheap tungsten light bulb in it!
It wasn’t the manufacturer's fault. Someone had made a swap, just like what I’ve described from step 1 to 5.

You can do it too, it is easier on your pocket, and more environmentally friendly.
Damn you cheapo light bulb thief.

So beware, check the contents before you take it to the counter, down to the minor details, like the wattage and model number. Some slightly-less-cheapo thief may swap light bulbs that are not that different in terms of looks, but still different by a few ringgit.

RM 2.00 for a meal?

I was told there is a newly opened vegetarian shop around my house area, asking RM 2.00 for a plateful of mixed rice or flavored noodles.

It was quite possible to get such a price some 8 years ago, if you looked carefully enough.
It is located at Kampung Chempaka, when you turn in from LDP, look to your left - you can hardly miss the green signboard.

True enough, this shop sells everything for RM 2.00.
The taste? Don’t expect much. It is meant for filling your tummy only.

Vegetarian food used to be more expensive all the while. The fake chicken and pork meat are usually more troublesome to produce (they cost more). It is not necessarily healthy, mind you. I would think such heavily processed artificial meat would do more damage to your health.

I usually pick only vegetables to stay healthy. I am a coward.

OS X 10.5.5 update acting up with the external monitor (part 3)

My MacBook (Mac OS 10.5.5) is having problems detecting my home LCD monitor; it keeps probing the monitor, until it went deaf.
I have to force reboot the MacBook more frequently due to this, as it always freezes when waking up from sleep.

I had no choice but to revert back to 10.5.2 (the DVD restore disk provided), and upgrade to 10.5.4.
Everything works as before. I reformatted the entire hard disk and copied everything back part by part. I wasted 1 day doing this, and another day retuning everything back to my working environment.

Now I have a rock solid OS X to work with, again. Happy.

OS X 10.5.5 update acting up with the external monitor (part 2)

I am using two “identical” HP w2207 LCD monitors, one at home and one at work. The one at home cannot be recognized easily by Mac OS X after the update to 10.5.5.
However, the one at work is still working as usual.

After some cable and connectors swapping, I realized that although both monitors look physically identical, they have different firmware.

At home: STMB1.2 (Samsung based?)
At work: GTMV1.6 (LG based?)

I still wouldn’t say the monitor is at fault, as the unit at home was working well before the 10.5.5 update.

It doesn’t seem possible to get a firmware upgrade, as it is more of a vendor-specific hardware thing.

I am going to wait for Apple to fix this, or I’ll have to either change my MacBook or change the monitor. Not pretty.

Go to the beach!




It is not easy to reach a beach area if you stay in PJ, especially a decent one.
Port Dickson is 2 hours away driving, and very polluted.
Port Klang is nearer, but you wouldn’t go there to touch the water.

So we attempted Bagan Lalang, a beach that is about a 1 hour drive from town, traffic conditions permitting.

First of all, I had not been to that place at all, and no one knew how to get there at the time I needed to know.
So I fired up Google Earth (what else), plotted my path, and noted it down as a transcript as follows.

from main road to KLCC turn into LCCT (left).
hit the round-about, go 12 o’clock.
pass Jalan Dagang.
before sepang F1, turn left to Jalan Kuarters Klia.
come to cross junction, turn right to < B48 >.
enter sepang town, T junction turn right.
first left turn left, enter < 5 >.
exit sepang town.
heading to Sungai Perak.
count from junction < B119 >, go for 3 KM and turn left.

I would not say that’s a good place to be. The sea water is rather muddy, you can even see that from the Google satellite picture, but at least it is a quick spot to reach if you want the beach so much.

There is a Sepang Gold Coast under development. If you wait a little more, say 10 years from now, that should be a place with more pollution and less sea shore.

We reached there at about 6 pm in the evening, and the sun was right on our faces.
There were 2 couples taking their wedding photos within the gold coast restaurant area (provided that the place is indeed reasonably beautiful, or really lacks visitors so that the photographer can take good shots without too much human interference).

We left at 7, right before sunset, so that it wasn’t too bad to find our way home.

OS X 10.5.5 update acting up with the external monitor

Whenever there is an Apple OS update, I’ll hold my horses for a few days until the dust has settled, and only then do my dirty.
This time around, I didn’t research much, applied the new update, and ate the dust.

First sign: it cannot detect my external monitor.
I’ve been using this MacBook with the lid closed most of the time, connected to an HP LCD monitor (HP w2207 to be precise). The internal LCD was rarely used.
Now, it is impossible to close the lid and still be able to use the external monitor. Big letdown, shame on you Apple.

* The workaround is to keep pressing the Menu and Auto buttons on the monitor, and hope the scan and probe process on the MacBook is able to detect it, which it did after a few minutes. After that, keep the lid open and don’t go to system sleep, or else repeat from mark *.

So I have to be very careful not to simply put the MacBook to sleep, and will have to spend more time waiting for it to find the monitor. Sucks.

If you have a similar setup, don’t update until Apple has a fix.

MacBook 2.4 GHz Intel Core 2 Duo (Penryn).

OpenDNS quirk?

I switched to OpenDNS instead of using my ISP's despicable DNS (that should be another topic to come).
On the first day of using OpenDNS, I noticed a strange-looking geek who keeps appearing whenever a site is down, like this:


Well, I didn’t bother after the site went up again.

But the geek’s photo kept haunting me in recent days, when more sites were going south.
I did a very simple experiment: I just typed any non-existent URL or domain name to call up the OpenDNS landing page, and voila, the geek attacks.

OpenDNS quirk? I’ll let you decide.
