[SOLVED] ActiveRecord::StatementInvalid: Mysql2::Error: The used command is not allowed with this MySQL version

hi there...


i just want to share about

direct execution with ActiveRecord on Rails 4

its use effectively to load huge data, so  you need to bypass some needless functions.

sometimes you need to load maybe via CSV or load by SQL, but i recommend to use Local Copy in postgress of load local infile in mysql 

here is the solution 

put localinfile option on database.yml

default: &default
  adapter: mysql2
  encoding: utf8
  pool: 5
  username: root
  password: root
  socket: /var/run/mysqld/mysqld.sock
  local_infile: true

refs:

SoF

Ruby

Read more ...

Cisco CDR Hex2Ip mysql format

Hi all,

just my note about hex 2 ip conversion for Cisco UCM CDR log.



DELIMITER ;;

DROP FUNCTION IF EXISTS chex2ip;;
CREATE FUNCTION chex2ip (x INTEGER)
  RETURNS varchar(15)
  DETERMINISTIC NO SQL
  BEGIN
    DECLARE x1 varchar(2);
    DECLARE x2 varchar(2);
    DECLARE x3 varchar(2);
    DECLARE x4 varchar(2);
    DECLARE temp varchar(8);
    IF (x<0) THEN
       set temp = SUBSTR(CAST(HEX(x) AS CHAR),9,8);
    ELSE
       set temp = CAST(HEX(x) AS CHAR);
    END IF;
    set x1=substring(temp,1,2);
    set x2=substring(temp,3,2);
    set x3=substring(temp,5,2);
    set x4=substring(temp,7,2);
    RETURN concat(conv(x4,16,10),'.',conv(x3,16,10),'.',conv(x2,16,10),'.',conv(x1,16,10));
  END;;

DELIMITER ;

for other timestamp field, which is use unix, you can convert to mysql-format by :

SELECT from_unixtime(timestamp, '%Y %D %M %h:%i:%s')


here's some refs :

Cisco
Cisco CDR Header

Read more ...

install phpmyadmin for multi server multi port, phpmyadmin single signon

i want to use one server to manage some mysql server in some ip's

let start,.

pre-requisites

a. installed apache
b. installed php and its library for mysql connection

install phpmyadmin single signon

1. download phpmyadmin from sourceforge  extract it and put on your apache root document
2. edit your configuration file (copy from config.sample.inc.php , make it to be config.inc.php )

$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'signon'; //'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;


$cfg['Servers'][$i]['extension']     = 'mysqli';
$cfg['Servers'][$i]['auth_type']     = 'signon';
$cfg['Servers'][$i]['SignonSession'] = 'SignonSession';
$cfg['Servers'][$i]['SignonURL']     = 'signon.php';

3. download and copy this file to your extracted directory

4. reboot your apache

5. navigate to your serverUrl/phpmyadmin_folder_location

Read more ...

accessing oracle with instant client and toad.

on server (oracle server)

1. ensure that listener is running, "C:\app\Administrator\product\11.2.0\dbhome_1\BIN\lsnrctl status", it use "C:\app\Administrator\product\11.2.0\dbhome_1\NETWORK\ADMIN\listener.ora". the sample as below :  

# listener.ora Network Configuration File: C:\app\Administrator\product\11.2.0\dbhome_1\network\admin\listener.ora
# Generated by Oracle configuration tools.

SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = CLRExtProc)
      (ORACLE_HOME = C:\app\Administrator\product\11.2.0\dbhome_1)
      (PROGRAM = extproc)
      (ENVS = "EXTPROC_DLLS=ONLY:C:\app\Administrator\product\11.2.0\dbhome_1\bin\oraclr11.dll")
    )
    (SID_DESC =
      (SID_NAME = ORCL)
      (ORACLE_HOME = C:\app\Administrator\product\11.2.0\dbhome_1)
      (ENVS = "EXTPROC_DLLS=ONLY:C:\app\Administrator\product\11.2.0\dbhome_1\bin\oraclr11.dll")
    )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
      (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.42.128)(PORT = 1521))
    )
  )

ADR_BASE_LISTENER = C:\app\Administrator


my TNSNAME.ora

# tnsnames.ora Network Configuration File: C:\app\Administrator\product\11.2.0\dbhome_1\network\admin\tnsnames.ora
# Generated by Oracle configuration tools.

ORACLR_CONNECTION_DATA =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
    (CONNECT_DATA =
      (SID = CLRExtProc)
      (PRESENTATION = RO)
    )
  )

ORCL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.42.128)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl.168.42.128)
    )
  )



2. check language on server with sqlplus

Enter user-name: sys as sysdba
Enter password:

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> select userenv('LANGUAGE') from dual;

USERENV('LANGUAGE')
---------------------------------------------------
AMERICAN_AMERICA.AL32UTF8

3. ensure that your firewall on port 1521 is accessable from outside
4. unlock the user.
SQL> alter user hr identified by hr account unlock;

on client (instant client and toad)

1. download and install oracle instant client and toad. Ensure your architechture versions are same (toad 32 bit for instant client 32 bit, and so on, if you got error can not load dll, change to other version of instant client)
2. add to your system variable
"TNS_ADMIN"  value "C:\Users\Administrator\Desktop\instantclient-basic-win-x86-64-11.1.0.7.0\"
"NLS_LANG" value should same with your server language, there is "AMERICAN_AMERICA.AL32UTF8"
"Path" add value with ";C:\Users\Administrator\Desktop\instantclient-basic-win-x86-64-11.1.0.7.0\instantclient_11_1"
3. open your toad, add new connection with direct connection.

Read more ...

Jawaban simple untuk keanehan-website-kawalpemiluorg-bagian1

well, to the point aja, ini adalah comment saya dari website
http://www.pksciktim.org/2014/07/keanehan-website-kawalpemiluorg-bagian1.html

kesimpulannya: saya bilang web tersebut sangat tidak aneh sama sekali.

Akhirnya saya coba membuka website www.kawalpemilu.org ini, hasilnya.. aneh?. Sebuah website dengan aplikasi JQUERY canggih namun tanpa css atau atau tampilan yang menarik. Web yang katanya bersifat independen dan dikerjakan sampai 700 orang relawan (sumber : facebook KawalPemilu) ini selesai di-input dalam waktu 5 hari selesai hingga 99% tiap propinsi.

my comments => its so simple, tinggal pake aja mesin crawlingnya ruby, perl atau python, system yg jalan untuk mendownload dari web KPU selesai. Ini sangat wajar. Masalah CSS dlsb itu bukan substansi pokok.


Dengan jumlah TPS sebanyak 472.672 yang ada diseluruh Indonesia, sungguh hal yang sangat luar biasa dikerjakan dalam waktu singkat apalagi mengerjakan dalam waktu lima hari. Coba kita bagi 472.672 tps /700 orang = 672,2457 artinya setiap orang mengerjakan 672 tps.

my comments => Liat nih logika Flow nya :

1. relawan ambil snipped, lalu masukin ke system (atau system bisa langsung crawling dari KPU dan langsung crop bagian C1 yg ada angkanya)
2. system akan cek angkanya pake OCR
3. system akan menampilkan hasil OCRnya, klo salah, maka relawan akan membenarkan dan melaporkan bahwa ada data salah.

http://pemilu.metrotvnews.com/read/2014/07/15/265995/ini-metode-yang-dipakai-kawalpemilu-org

nah klo ternyata data entrinya sudah bener, bisa jadi totalnya salah krn ketidakmampuan petugas katanya...

http://news.detik.com/pemilu2014/read/2014/07/12/150206/2635352/1562/form-c1-janggal-kpu-bukan-kesengajaan-tapi-ketidakmampuan-petugas

Anda bayangkan bahwa dengan koneksi internet yang tidak stabil di web, apalagi website yang kadang-kadang lama loadingnya. Kalau saja untuk menginput 1 tps butuh waktu sekitar 5 menit, 675 tps x 5 menit = 3376 menit /60 menit = 56 jam. Artinya butuh waktu lebih dari 2 hari 8 jam.
my comments => klo ada mesin crawling, kenapa hrs download sendiri ?!

Anehnya, saya mencoba menjadi relawan input. Dasarnya sih semua bisa input, tidak peduli siapa pilihan presiden kita. Ada link ke facebook ke https://www.facebook.com/pages/Kawal-Pemilu-2014/1452601258341836. Tempat saya bisa suka dan bisa daftar katanya. Cuma yang paling anehnya lagi.. 14 Juli baru bergabung di facebook. Waduh. bukannya butuh waktu 2 hari 8 jam tiap orang untuk menginput? hari ini saja baru tanggal 15 Juli 2014 jam 23.00 WIB.

my comments => bagi saya ini SANGAT GAK ANEH, kan pake system boss ?!

Hebat sekali lagi, Ainun Najib tinggal di Singapura. Cuma dapat darimana relawan 700 orang secepat kilat dengan spesifikasi yang luar biasa? kapan melatihnya ? dimana inputnya? bisa orang tidak tidur 2 hari 8 jam? input seabrek itu.. Pastinya orang hebat dan jago website semua nih.

my comments => orang publish di FB pastilah banyak yg bantuin, ga perlu pelatihan kusus klo cuman mantengin angka gtu, inputnya ya di system lah.
Jadi kembali ke awal, siapa fundingnya nih? Hari gini gratisan input? masak sih? 2 hari 8 jam bergadang tidak tidur tidak ngapa-ngapain? Orang butuh THR juga lah..
Andai saja berbayar inputnya. Mungkin butuh uang sebesar Rp. 1000/input x 472.672 tps = Rp. 472.672.000 (Empat Ratus Juta Enam Ratus Tujuh Puluh Dua Ribu Rupiah). Belum servernya.. Banyak yah..

my comments => itulah bedanya mobilisasi dengan partisipasi, dan lagian wong cuman butuh domain sama 1 apps di kasih ke heroku, klo untuk backupnya bs pake laptop sendiri di tunnel in ke VM selesai kan masalahnya ?, modalnya berapa ?, saya pikir 120 ribu untuk beli domain, 2 orang programmer cincau lah, kan untuk bangsa kita sendiri.

Pertanyaan paling besar adalah darimana para programmer mendapatkan domain http://scanc1.kpu.go.id/ apalagi mendapatkan file viewp.php . Url tersebut berguna untuk meload secara otomatis menggunakan skrip AJAX tampilan gambar C1 tanpa mendownload dahulu gambar C1. Apakah KPU tahu ini? .

my comments => klo anda programmer, tentu tidak akan bertanya seperti ini, wong pake wget -r aja keliatan kok semuanya... hmmm... belajar dulu deh ... 

justru yg ane merasa aneh  nih, di sini elo bilang "meload otomatis", tp knpa lo bilang di atas butuh banyak orang ?. hmmm...

Read more ...

activate im openerp 8

previously, on version 7, im already running (http://febru.soluvas.com/2013/09/how-to-activate-instant-messaging-on.html)

now, i want to share how to activate im in openerp 8.

first install your openerp 8. (http://febru.soluvas.com/2014/03/install-openerp-8-ubuntu-1310.html )

once you logged in, install im module on setting menu.

then do this :

download
    https://pypi.python.org/packages/source/p/psycogreen/psycogreen-1.0.tar.gz
extract
    tar xvvf psycogreen-1.0.tar.gz
    cd psycogreen-1.0
install
    python setup.py install
    easy_install greenlet
    easy_install gevent-psycopg2
    apt-get install python-all-dev
    apt-get install libevent-dev
Running
    openerp-gevent --config=/openerp8/install/openerp-server.conf

Read more ...

install vmware workstation ubuntu 14.04

Firstly :

download from official wvware or from this website

Secondly :

create temporary file to patch. Let say : /tmp/temp.patch

205a206

> #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 13, 0)

206a208,210

> #else

> VNetFilterHookFn(const struct nf_hook_ops *ops,        // IN:

> #endif

255c259,263

<    transmit = (hooknum == VMW_NF_INET_POST_ROUTING);

---

>    #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 13, 0)

>       transmit = (hooknum == VMW_NF_INET_POST_ROUTING);

>    #else

>       transmit = (ops->hooknum == VMW_NF_INET_POST_ROUTING);

>    #endif




Next 

sudo -i
cd /usr/lib/vmware/modules/source/
cp vmnet.tar vmnet.tar.original
tar xvf vmnet.tar vmnet-only/filter.c
patch vmnet-only/filter.c < /tmp/temp.patch
tar -uvf vmnet.tar vmnet-only/filter.c
rm -rf vmnet-only 

Unable to change virtual machine power state: Internal error

once you get this error , you need to run :

killall -s9 vmware-vmx

Read more ...

[SOLVED] iked "failed to attach to key daemon" ubuntu 14.04

previously, i write about how to install ipsec vpn,

once you get an error "failed to attach to key daemon" you need to run these steps :

1. Upgrade your vpn client version. download here then re-install again, see how to install here.
2. make sure that iked service is running (ps -ef | grep iked), otherwise, you need to run manually (sudo iked)
3. try it now...

Read more ...

install ipsec vpn ubuntu 13.10 shrew soft vpn connect

its ipsec vpn

cd /usr/local/src ; sudo wget https://www.shrew.net/download/ike/ike-2.2.0-release.tbz2
sudo tar jxpvf ike-2.2.0-release.tbz2 ; cd ike
sudo apt-get install cmake libqt4-core libqt4-dev libqt4-gui libedit-dev libssl-dev checkinstall bison flex
sudo cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES
sudo checkinstall -y
sudo cp /usr/local/src/ike/source/iked/iked.conf.sample  /etc/iked.conf
sudo iked  or sudo qikea


then it should be like this :

more detail you can see here 

Read more ...

openerp fields permissions

on openerp 7, let say: you want to make some fields are can only update or create by specific group, then you can make it as : (on your model column)

'c50':fields.float('PO Amount',write= ['project_nsn.group_nsn_ppm',] ),

or, you want to make it visible on specific group, then you can make as :

'c50':fields.float('PO Amount',groups= "project_nsn.group_nsn_ppm, project_nsn.group_nsn_manager" ),

by these option, you make c50 column can only edit by group Nokia Siemens Network on Project Monitoring division only.

more detail about it, you can check here

Read more ...

openerp 7 import csv

before you import your data (contact, product, invoice, sales order etc). You need to enable external identifier to make openerp recognize your data to be referred.

example :
you need to import product, which is have "manufacture_id" or "agent_id"  (refers to res_partner), to enable importing your data, you need to create external identifier.

see here :

then it automatically change the view base on your record_id

after this steps, you just need to create a simple excel formula to map your text-base-description to be external-identifier-format. (a simple vlookup)

you can see that you can use cust/id field  (its refers to res_partner)

thats all, hopefully useful 

Read more ...

[SOLVED] Openerp 8 Access Denied by record rules for operation: create, model: res.partner

well, on openerp 8, you may get this error,

the solution is simple, just follow my previous post here


then you just create as below :

Read more ...

install openerp 8 ubuntu 13.10

its easy ways to install openerp 8 on ubuntu 13.10

first :
follow this step http://febru.soluvas.com/2013/11/how-to-install-openerp-7-on-ubuntu-1310.html

secondly : 
sudo apt-get install python-pypdf python-psutil 
sudo apt-get install apache2 libapache2-mod-gnutls libapache2-mod-python libapache2-mod-wsgi 
sudo apt-get install xvfb xfonts-100dpi xfonts-75dpi xfonts-scalable xfonts-cyrillic  wkhtmltopdf  flashplugin-nonfree 

sudo apt-get install python-setuptools
sudo wget https://pypi.python.org/packages/source/w/wkhtmltopdf/wkhtmltopdf-0.1.tar.gz
sudo tar xvvf wkhtmltopdf-0.1.tar.gz
cd wkhtmltopdf-0.1/
sudo python setup.py install
 
you can check it by : 

python -m wkhtmltopdf.main google.com  /tmp/example.pdf
 

tarraaa.... your openerp is ready...

maybe you need to setup proxy-http and mod proxy to make it run with other application with apache as proxy.

Read more ...

[SOLVED] openerp 8 TypeError: _postprocess_args() takes exactly 2 arguments (3 given)

Hi all,

just a little solution for this error : in openerp 8, website addons

TypeError: _postprocess_args() takes exactly 2 arguments (3 given)

and this

Read more ...

[SOLVED] OpenERP 7 IOError: decoder zip not available

IOError: decoder zip not available

its an error while you use PIL or Pillow with python-imaging together. On my case : with this environment :

Openerp 7
Ubuntu 13.10 x64

i've got an error as below : 

then i test on console, its seem running

>>> from PIL import Image>>> 

but, still error while installing some modules. 

well, the solution is : 

1. remove python-imaging

sudo apt-get remove python-imaging

2. find your libz.so 

find . -iname libz.so 

3. create link (its depend on your libz.so)

sudo ln -s /usr/lib/x86_64-linux-gnu/libz.so /usr/lib

4. re-install PIL

sudo pip uninstall PIL

sudo pip install PIL

then you will see the last result is : 

    --------------------------------------------------------------------
    PIL 1.1.7 SETUP SUMMARY
    --------------------------------------------------------------------
    version       1.1.7
    platform      linux2 2.7.5+ (default, Sep 19 2013, 13:48:49)
                  [GCC 4.8.1]
    --------------------------------------------------------------------
    *** TKINTER support not available (Tcl/Tk 8.5 libraries needed)
    --- JPEG support available
    --- ZLIB (PNG/ZIP) support available
    --- FREETYPE2 support available
    *** LITTLECMS support not available
    --------------------------------------------------------------------
    To add a missing option, make sure you have the required
    library, and set the corresponding ROOT variable in the
    setup.py script.
    
    To check the build, run the selftest.py script.
    changing mode of build/scripts-2.7/pilconvert.py from 644 to 755
    changing mode of build/scripts-2.7/pilfile.py from 644 to 755
    changing mode of build/scripts-2.7/pilprint.py from 644 to 755
    changing mode of build/scripts-2.7/pilfont.py from 644 to 755
    changing mode of build/scripts-2.7/pildriver.py from 644 to 755
    
    changing mode of /usr/local/bin/pilconvert.py to 755
    changing mode of /usr/local/bin/pilfile.py to 755
    changing mode of /usr/local/bin/pilprint.py to 755
    changing mode of /usr/local/bin/pilfont.py to 755
    changing mode of /usr/local/bin/pildriver.py to 755
Successfully installed PIL
Cleaning up...

You can test with this simple script :

import urllib
from PIL import Image
import StringIO
file = StringIO.StringIO(urllib.urlopen('https://fbstatic-a.akamaihd.net/rsrc.php/v2/yi/r/OBaVg52wtTZ.png').read())
img = Image.open(file)
img = img.crop((0, 0, 400, 600))

if it running, then you are ready to work on.

Read more ...

openvpn udp over tcp via SSH IP Tunnel

openvpn udp over tcp via SSH IP Tunnel

tonight, i make a simple test to make udp over tcp with ssh IP tunnel, main tools is pppd and ssh connection. by this ways, you can transfer udp over tcp, but its too slow, then to raise its performance, i put openvpn udp. The speed is good enough for me. 

before you use it, you need to know that i put 3 level compressions. Two in pppd and one in ssh. On pppd i use deflate and bsdcomp, and on ssh i put -C options. These are needed because we make 3 pipes to make this connection / tunnel.

by this methods, you will get increase your mobile internet speed significantly, but i NOT RECOMMEND for high speed connection such LTE or FO/FTTH connection, it will make slower. So, its effectively as your solution if  you just have more than 5 mbps. why ?, because it ANOMALY there. See on pppd manual here : 

Compression methods.
********************

This package supports two packet compression methods: Deflate and BSD-Compress. Other compression methods which are in common use include Predictor, LZS, and MPPC. These methods are not supported for two reasons - they are patent-encumbered, and they cause some packets to expand slightly, which pppd doesn't currently allow for. BSD-Compress is also patent-encumbered (its inclusion in this package can be considered a historical anomaly :-) but it doesn't ever expand packets. Neither does Deflate, which uses the same algorithm as gzip.

how it works ?

first of all, we make pppd connection over ssh. I recently uploaded on this. 

secondly, we put openvpn udp on it.

why SSH IP Tunnel ?

main reason is, i need to make this connection FREE, so i need to make socket connection to bypass the proxy. The ssh ip tunneling will run with sock proxy.

to bypass the proxy, you can make simple program to modify the header, you can see here.

Why openvpn UDP ?

its very fast connection, running as speed boster. In the end of this experiment, you will get 2 tun-interfaces.

the result on speedtest.

bare connection : (without tunnel)
http://www.speedtest.net/result/3333628291.png

+SSH IP tunnel
http://www.speedtest.net/result/3333641416.png

+SSH IP tunnel + OpenVpn UDP
http://www.speedtest.net/result/3333654874.png

+OpenVpn UDP

http://www.speedtest.net/result/3333673088.png

Tools 

you can make ssh tunnel with this account. 

Read more ...

[SOLVED] ERROR: unable to download video

when you download with youtube-dl, you get an error as this :

[youtube] Setting language
[youtube] pgEFfZOV9GQ: Downloading video webpage
[youtube] pgEFfZOV9GQ: Downloading video info webpage
[youtube] pgEFfZOV9GQ: Extracting video information
[youtube] pgEFfZOV9GQ: Encrypted signatures detected.

ERROR: unable to download video

then you try to solve by this command : 

sudo youtube-dl -U

you just get this message : 

It looks like you installed youtube-dl with a package manager, pip, setup.py or a tarball. Please use that to update.

well, the solution is :

sudo pip install --upgrade youtube-dl

Downloading/unpacking youtube-dl from https://pypi.python.org/packages/source/y/youtube_dl/youtube_dl-2014.02.26.tar.gz#md5=941720c118544cb0d00dde072b8667f7

  Downloading youtube_dl-2014.02.26.tar.gz (311kB): 311kB downloaded

  Running setup.py egg_info for package youtube-dl

    

Installing collected packages: youtube-dl

  Found existing installation: youtube-dl 2013.08.29

    Uninstalling youtube-dl:

      Successfully uninstalled youtube-dl

  Running setup.py install for youtube-dl

    

    Installing youtube-dl script to /usr/local/bin

Successfully installed youtube-dl

Cleaning up...

then everything will run properly.

Read more ...

inject links

i want to share this link so they can try to make their own "header inject", some of this links may have been blocked by broadband mobile provider, but some others is still ok.

Read more ...

install openvpn webmin ubuntu

here's simpler ways to use server as vpn server, you just need install webmin then everything will be run as you want. Let's start :

install openvpn and webmin

add webmin repository on your source list (/etc/apt/sources.list)

deb http://download.webmin.com/download/repository sarge contrib

add key and update repository

sudo wget http://www.webmin.com/jcameron-key.asc

sudo apt-key add jcameron-key.asc

sudo apt-get update

install openvpn and webmin

sudo apt-get install openvpn webmin

install openvpn gui admin web

download openvpn admin module : here 

log into : https://your_vpnserver_ip:10000 

go to "module index" => install module 

go to "OpenVpn + CA" =>  "Certification Authority list" then create new CA

go to "OpenVpn + CA" =>  "Certification Authority list" then click on "key list" to create server key, don't forget to choose "key server" type is "SERVER"

go to "OpenVpn + CA" =>  "Certification Authority list" then click on "key list" to create client key, don't forget to choose "key server" type is "CLIENT"

go to "OpenVpn + CA" =>  "vpn list" then create new vpn

save and start your vpn

Openvpn Client setup 

go to "vpn server list" => Client list 

create new client, then export the configuration file 

then you are ready to connect with openvpn gui client. 

if you want to remove the client, you may remove it from that menu.

setup your routing table

edit your /etc/sysctl.conf and make sure that ip_forward is  1  (un comment it)

net.ipv4.ip_forward=1

change your vpn server routing table

sudo echo 1 > /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o tun0 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT 

Read more ...

simple vpn over ssh

some people write a simple trick to make vpn connection over ssh tunnel without additional program or authentication files such ta, cert, ca etc.

on linux, pppd and ssh are commonly used. So you can try this trick :

PPPD is /usr/sbin/pppd
SSH is /usr/bin/ssh

${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes sudo ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}

before you do this trick, make sure that :
you ssh connection is running with batch mode, you need to make ssh-keygen on your client, then put the key to the server authorized keys.

after you do this trick, if you want to re-route your traffic to vpn server, you need to run :
1. routing on server :
iptables -t nat -A POSTROUTING -s [your_vpn_client_ip] -d 0/0 -j MASQUERADE

2. routing on client
route add default gw [your_vpn_server_ip] 

Read more ...

get free internet zero balance with default home page

First of all, i want to show you some vulnerable internet connection on mobile internet broadband provider, its depend on your service / internet plan.

I've test this trick with ZERO balance, its ABSOLUTELY  FREE !!!

How It Works

• when you connect with tour mobile modem, it will get default intenet-plan (or just as your profile, set on your APN).
• every internet-plan / connection-profile, have one (or more) free page. (such as default home page. etc, let say : "wap.vodafon.com" )
• default home page commonly use this method "^wap.vodafon.com*"  (style in ereg)
• you can create your own dns A record in your domain (or free domain) precedes by the bugs.
• the simple server, will make you pass internet provider proxy using this bugs, then open one port (as http-proxy)
• you can use the new http-proxy to make vpn connection, so you are free.

How to get bugs

to get bugs, just visit their official web site, then grap information about these :

• default home page (as bugs)
• proxy address and port (put it on simple server config)
• apn and user password (to set your mobile modem)

Start your free internet mobile with zero balance

setup your own DNS forward

get the bugs, and setup your simple server config

connect your vpn (via http proxy of simple server)

taraaaaa..... you are free noww....  

TCP Connection stable enough for me ... 

Tools 

simple server

openvpn account tcp (password : trial5)
ssh tunnel account

Read more ...

install openvpn admin gui web base administration part 1

there are so many openvpn administration software, there are : 

• http://openvpncertmgmt.sourceforge.net/ 
• http://sourceforge.net/projects/openvpn-admin/?source=recommended
• http://sourceforge.net/projects/openvpn-control/?source=recommended
• http://www.bytemine.net/en/bytemine-manager
• http://sourceforge.net/projects/openvpn-control/files/?source=navbar

but, today i will share my experience installing purplenet, i think its better, ok lets start.

A. install purplenet openvpn server gui administration 

apt-get install bridge-utils vlan ebtables openvpn libapache2-mod-python postgresql python-psycopg2 python-django 

note: 

if you want to install by your self independently, you can use this way : 

wget http://www.djangoproject.com/download/1.1.1/tarball/
tar zxf Django-1.1.1.tar.gz
cd Django-1.1.1

sudo cp -pr django /usr/local/lib/python2.5/site-packages/

then

python setup.py

B. Create Database for purplenet

sudo -u postgres createuser -S -D -R -l -P -E purplenet
sudo -u postgres createdb --encoding=UTF-8 --owner=purplenet purplenetdb

edit your hba

vim /etc/postgresql/9.1/main/pg_hba.conf

just like this :

host purplenetdb purplenet 127.0.0.1/32 md5
or 
host    all         all         127.0.0.1/32          md5

C. Install Purplenet
wget http://sourceforge.net/projects/purplenet/files/purplenet-0.7.2/purplenet-0.7.2.tar.bz2/download
bzip2 -dc purplenet-0.7.2.tar.bz2 | tar xf -
mkdir -p /opt
sudo cp -r purplenet-0.7.2 /opt
sudo ln -s /opt/purplenet-0.7.2 /opt/purplenet

edit your seting.py
cd /opt/purplenet/purplenet
sudo cp settings.py.dist settings.py
vim /opt/purplenet/purplenet/settings.py

ADMINS = (
        ('Firstname Surname', 'firstname.surname@yourdomain'),
)

DATABASE_ENGINE = 'postgresql_psycopg2'
DATABASE_NAME = 'purplenetdb'
DATABASE_USER = 'purplenet'
DATABASE_PASSWORD = 'yourpassword'
DATABASE_HOST = '127.0.0.1'
DATABASE_PORT = '5432'
MEDIA_ROOT = '/opt/purplenet/media'
MEDIA_URL = 'http://servername/purplenet/media/'
ADMIN_MEDIA_PREFIX = '/purplenet/media/admin/'
SECRET_KEY = 'yourSecretKey'
LOGIN_URL = '/purplenet/login/'
TEMPLATE_DIRS = (
       '/opt/purplenet/templates',
)
FIXTURE_DIRS = (
      '/opt/purplenet/fixtures'
)
PURPLENET_LOGOUT_URL = "http://servername/"
PURPLENET_SETUP_KEY = "yourOtherSecretKey"

edit your mkca.conf and openssl template

vim /opt/purplenet/libpurplenet/mkca.cnf
countryName_default = US

localityName_default            = Montreal
organizationName_default        = SuperFastVPN
organizationalUnitName_default  = vpn

vim /opt/purplenet/templates/mkca/openssl.cnf

countryName_default             = US
localityName_default            = Montreal
organizationName_default        = SuperFastVPN
organizationalUnitName_default  = vpn

D. Create Database purplenet

cd /opt/purplenet
source env.sh
manage syncdb

.....

You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (Leave blank to use 'someuser'): administrator
E-mail address: firstname.surname@organisation.com
Password: 
Password (again): 
Superuser created successfully.
Installing index for auth.Permission model
Installing index for auth.Message model
Installing index for admin.LogEntry model

....

this user will use to setup purplenet web.

E. Configure Apache

vim /etc/apache2/sites-available/default.

<Location /purplenet>
     SetHandler python-program
    PythonHandler django.core.handlers.modpython
     SetEnv DJANGO_SETTINGS_MODULE purplenet.settings
     PythonOption django.root /purplenet
     PythonDebug On
     PythonAutoReload On
    PythonPath "['/opt/purplenet'] + sys.path"
     PythonInterpreter purplenet
</Location>
Alias "/purplenet/media/admin" "/usr/local/lib/python2.5/site-packages/django/contrib/admin/media/"
Alias "/purplenet/media" "/opt/purplenet/media"
<Location /purplenet/media>
   SetHandler None
</Location>

Apache needs now be restarted with the new configuration with the following
command:

sudo /etc/init.d/apache2 restart

F. Configure CA Directory

sudo mkdir -p /var/lib/purplenet/ca
sudo chown www-data:www-data /var/lib/purplenet/ca
sudo chmod 750 /var/lib/purplenet/ca

the last, enter to :

http://yourwebserver/purplenet/setup/

turn to the next page, lets setup the purplenet-web

if you want to try this connection, you can download vpn tcp configuration here (the password is trial5)

Read more ...

install openvpn admin gui web base administration part 2

previously, we try to install openvpn administration gui, now lets move forward to its setting. 

goto : 

http://yourwebserver/purplenet/login

then go to menu "manage"

a. Create vpn Server

b. Create organization

c. Create Network

then you need to link it, one server can have many organization, on one organization can use some networks, and on one organization can be used by some users.

D. Create user and its certificate to login

E. put your server configuration to your openvpn configuration directory, the file configuration should be like this : 

if you use many servers, you can use vlan to make administration-centered.

finishing this steps, you can test your speed now, for me, i've got better speed then : 

for bare connection before tuning up, you can download here (the password is trial 5, proto udp)

Read more ...