Friday, September 16, 2011

TomatoUSB 1:1 NAT for Qwest 8 static ip block

This isn't what I want yet, but I may be closer to true routing where the router actually routes my ip addresses. I'll be sure to post what I find out.

For now, these are commands you need to run if you wish to do a 1:1 NAT setup on your tomato/dd-wrt/*wrt router firmware (or most things linux for that matter)

I have a block of 8 static IPs from Qwest/CenturyLink and in this configuration you can use all 8 (minus one for the router). Notice I skipped 14 because that address is the router's. Your exact configuration may vary but substitute your addresses as necessary. I used a 10.10.10.0 private network. The static IPs are mapped to a corresponding private IP address.

First section assigns the ip addresses to the router.
Second section does network address translation, so websites or services you connect to on the internet will show the associated static/public ip.
Third section maps incoming traffic to the associated address on your private network, this will allow you to login/access the devices by the associated public ip address.
Fourth section will open ALL ports incoming to the specified internal ip address. This will defeat all firewall rules on the router. Only do this if you are going to run firewall software on those machines. Lookup more information on how to block/enable ports for iptables to enable specific ports.

Here is the config:

ip addr add XXX.XXX.XXX.8/29 dev ppp0
ip addr add XXX.XXX.XXX.9/29 dev ppp0
ip addr add XXX.XXX.XXX.10/29 dev ppp0
ip addr add XXX.XXX.XXX.11/29 dev ppp0
ip addr add XXX.XXX.XXX.12/29 dev ppp0
ip addr add XXX.XXX.XXX.13/29 dev ppp0
ip addr add XXX.XXX.XXX.15/29 dev ppp0

iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.8 -j SNAT --to XXX.XXX.XXX.8
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.9 -j SNAT --to XXX.XXX.XXX.9
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.10 -j SNAT --to XXX.XXX.XXX.10
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.11 -j SNAT --to XXX.XXX.XXX.11
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.12 -j SNAT --to XXX.XXX.XXX.12
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.13 -j SNAT --to XXX.XXX.XXX.13
iptables -t nat -I POSTROUTING 1 -p all -s 10.10.10.15 -j SNAT --to XXX.XXX.XXX.15

iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.8 -j DNAT --to-destination 10.10.10.8
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.9 -j DNAT --to-destination 10.10.10.9
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.10 -j DNAT --to-destination 10.10.10.10
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.11 -j DNAT --to-destination 10.10.10.11
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.12 -j DNAT --to-destination 10.10.10.12
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.13 -j DNAT --to-destination 10.10.10.13
iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.15 -j DNAT --to-destination 10.10.10.15

iptables -I FORWARD -p tcp -d 10.10.10.8 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.9 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.10 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.11 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.12 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.13 -j ACCEPT
iptables -I FORWARD -p tcp -d 10.10.10.15 -j ACCEPT


Here's some more information I found:

Tuesday, June 7, 2011

Built my first ASP.NET application today

Nothing terribly notable as I have been writing code in PHP, VBScript, and Java over the years but I hadn't taken the plunge to try out C# and Visual Studio 2010 yet. I guess since it is now my job to turn out .NET applications (with Eclipse and proprietary plugins) that produce vxml I better be learning it. My goal over the next year is to have a good understanding of the major frameworks and languages.

Here's a snippet:

Yes I know my sql query is open for injection attacks...I'll leave that for tomorrow.

Sunday, March 13, 2011

Extend garage entry to the wall - easy freezer access

So I finally got around to extending the garage entry so that we could bring the freezer up to be accessible. I forgot to take a picture but it used to sit right under where I built the extension. We didn't even bother plugging it in since we moved in, partly because there is no electricity and would have been inconvenient trying to open the door with a car in the way.

Step one, add electrical:
Test fit platform, cut off railing, screw into place, screw in plywood and set shims so it is level on foundation.
Ghetto-fab the railing back together (for now)

Saturday, February 26, 2011

Banjo no bueno

Out of order bathroom at our favorite 7-Eleven. This one made us laugh all day long. If you don't get it then you should probably brush up on your Spanish.

My Chevy S10 Zr2 with a solid axle swap (SAS) - Going to have to drop the transmission

The throw-out bearing is probably shot. (pics and lessons learned in future posts)
Current lesson learned: DON'T BUY IMPORTANT PARTS FROM AUTOZONE!

While I'm at it I'll introduce you to my truck since I am always fixing something on it...

Specs:
custom width Dana 44 from '78-'79 Ford truck
4.56 gears
Cragar Soft 8's rims
Rancho 9000 shocks all around
35" Cooper STT tires
Stock rear limited slip
Custom front leaf spring conversion
Axle under leaf conversion in rear
Unknown front driveshaft possibly from a superlift kit?
Rear AAL (add a leaf) kit from Superlift - one full-length leaf each pack 
    - added 2" lift in rear to level out truck
Front spring cross brace with class III receiver

Wednesday, February 23, 2011

My First Hackintosh

I finally and successfully built a Mac using normal PC hardware. Here is how I did it:

Specs:
  • Intel BOXDG43GT LGA 775 Intel G43 HDMI Micro ATX Intel Motherboard $84.99
  • This particular motherboard took 800mhz DDR2 memory, mine has 2gb
  • I already had an Intel Core 2 Duo 2.13ghz processor. Any Core 2 Duo should do (775 socket)
  • Nvidia GeForce 7200 GS 128mb (An old card I had lying around). The idea here is that Apple put the 7300GT in the Mac Pro and the 7200/7300 are basically the same chip. Seems GS GT doesn't matter too much, I have Quartz/GL enabled so it is fully supported (get osx86tools app for this). 
  • Western Digital SATA 500GB. Any SATA drive will do.
Drivers: 
  • For audio I used VoodoHDA.kext and the accompanying preference panel.
  • For Video I used Natit.kext and NVEnabler.kext and NVInject.kext
Network (ethernet), SATA, USB, and everything else work automatically. Get "OSx86 Tools Utility" to enable Quartz GL and as a great tool for installing Kexts because it does the permissioning and copying for you. 

I used a purchased retail OS X 10.6 disk so it is running the default Mach kernel. You will need an efi bootloader like Psystar's DUBL a.k.a. Rebel EFI to be able to boot off of the Mac DVD. 


Tuesday, February 22, 2011

Nigerian Scams

This email caught my eye as I was scanning my SPAM email folder. I get a kick out of reading these and can't believe there are actually people stupid enough to fall for the scam
I've been promised large sums of money in many different currencies but never before have I been offered a "large amount of DIAMONDS". 


Email follows:

Hello,
I know you will be surprise to receive this email, before I go further I will like to introduce myself. My name is General Mann Budu, from Congo Africa. I got your information from the internet.We are currently having a civil war in my country (CONGO), and I am very involved in the war, but now the UNITED NATIONS are trying to resolve the problems. If this problem is resolved i will be in a serious problem with the GOVERMENT OF CONGO.I have decided to leave the country with my family, and I will really need your assistance. This is what I will want you to assist me with, Some funds was set aside for purchasing of AMUNITIONS from RUSSIA, about US$27M(Twenty seven million united state dollar).I have already divert the funds to LONDON,UK.with a finance company over there.
I try to move the funds to an account I open online with HSBC BANK LONDON. But the finance company request I produce an ACCOUNT that is about 5years old. I will really need your assistance to enable me transfer the funds to your account, and I will give you share of 25% of the total funds, and give you some large amount of DIAMONDS.
This is a very serious matter, if you can assist me, please reply urgently.

Thanks.
Gen.Mann Budu.

Here is another one:


Just got this one (3/7/11). Claims that if you were scammed by Nigerian scammers then they will reimburse you with funds they have recovered from the scammers. Don't you think you would learn your lesson the first time???

ECONOMIC AND FINANCIAL CRIMES COMMISSION
Lagos Office: Address: 15A Awolowo Road,
Ikoyi Lagos-Nigeria.
FROM THE DESK OF: MRS FARIDA WAZIRI
ATTENTION:
Take notice that based on the federal government inauguration of this committee which extended to all Africa countries and Europe, the Economic and Financial Crimes Commission - (EFCC) have combined with the United Nation Anti-crime commission to alleviate and redeem the image and past wounds of our dear citizens and foreign firms who were duped , defrauded, scammed and abandoned by some impostors who indiscriminately use the name of God, Office of governors, Presidency, Banks etc to slight down our dignities to international communities.
Many banks have been in bankruptcy today, Universal firms, Companies due to the activity of these hoodlums, However, investigation have shown that these people have dropped over 500,000,00  clients after collecting their money falsefuly, many committed suicide and others living by the grace of God, We see this country as a treasonable felony and have over 500 convicts at hand, 300 in kirikri prisons while many are still on trail, We still fetch for others who feel they are wise and hope that you will be our friend by giving us more information. Success Stories:
(link removed)
Most Wanted (link removed)
Mean while, after the international peace talk summit between the United Nation {USA}, Nigeria, United Kingdom and other countries, in order to maintain / rebuild our international relationship between Nigeria and your country among other countries, the Federal government of Nigeria have now decided to send this message to unlimited end of the world with the hope of finding all those that have been victimized be these cone men that unconditionally scammed people out of their hard earn money, so that they can be compensated after due verification that you have truly been victimized.
In other words you are to respond to this mail, if only you know and have prove that you have been scammed out of your fund before, either by means of Next Of Kin, Contract With The NNPC, Lottery or any other story and upon ascertaining that you have been scammed, you shall be compensated from the nigeria foreign reserve fund and the money confiscated from some of these scammers which have been apprehended by the federal government.
In view of this matter, you are to forward your complains to the section and you are advised to give us a detailed information about your involvement with these scammers and how they collected your money from you.
CONTACT COMPLAINS AND INVESTIGATION DEPARTMENT:
15A Awolowo Road, Ikoyi, Lagos - Nigeria.
TELEPHONE:+2347033781472
EMAIL: egroupfinancial3@gmail.com
ENDEAVOUR TO PROVIDE THE FOLLOWING DETAILS OF YOUR ALONG WITH YOUR COMPLAINS:
YOUR FULL NAMES:..............................
RESIDENCIAL ADDRESS:.....................
OCCUPATION:..........................................
YOUR TELEPHONE NUMBER:..............
NATIONALITY:...........................................
STATE:.......................................................
AGE:...........................................................
As soon as we receive these information from you, a swift investigation will commence and at the end we promise that whoever is involved in your plight shall be apprehended and handed over to the government and you shall be compensated accordingly.
This Decision is supported and approved courtesy: INTERNATIONAL MONETARY FUND {I.M.F}, UNITED NATION SECRET SERVICE, EUROPE, AMERICA AND THE ECOWAS COMMUNITIES.
Thanks for your co-operation.
Yours Faithfully,
MRS FARIDA WAZIRI, {Executive Chairman}
Economic & Financial Crime Commission {EFCC}
Motto: No Body is Above the Law

Monday, February 21, 2011

"We take the Sh out of IT"



I didn't really care what the company who coined this phrase was offering but it was too funny not to share.


splunkSplunk.com is a search engine to find IT information across company networks including hardware, software and other data.

Read more: http://www.killerstartups.com/Search/splunk-com-take-the-sh-out-of-it#ixzz1Ei7rImWJ


Saturday, February 19, 2011

1998 Honda Civic trailing arm bushing replacement

So this repair was a pain in the neck. Literally. 

Remove the trailing arms as described in the manual (or just start unbolting things until it comes off, as I usually do) and then remove the rubber from the inner part of the bushing sleeve. Normally you would use a press to get the sleeve out with the bushing intact but I used a polyurethane bushing from energy suspensions as a replacement. They didn't require you to remove the entire bushing. You also have to get the rubber off of the pin as you reuse that in the new bushing. In all it took about 8 hours over two Saturday's to get the parts cleaned off, the new bushings in place, and get the car put back together.


You can see the metal bracket and giant bolt used to force the new bushing into place. What you don't see is the 1/8" thick metal channel on the bottom side. I bought the channel because I could not find a washer as big as the instructions outlined but I drilled a hole through the channel to create a plate which I had to double-up because it was too thin. I then found the 1/4" thick bracket that is on top and drilled a hole through the middle. Grease IS KEY! They provide some really sticky grease but had to add some white lithium grease on top of that to get it to slide through. I assume the thicker grease will help it stay in place long term.

Here is the part at Summit Racing: