Category Archives: Guides

Fast NTLM authentication proxy with tunneling

1 Reply

If you are using Linux behind a corporate firewall that only supports Windows, and the Windows proxy authentication is causing you pain, then I suggest installing and using CNTLM.

The problem I was experiencing behind my corporate firewall is that I need to authenticate using the windows domain prepended to my username. It seems that you are not able to have a backslash in your username when setting your http_proxy environment variable using the below format.


http://username:password@host:port/

In other words I was getting strange errors when using the following in my .bash_profile.

export http_proxy=http://domainusername:password@host.com/

You can’t escape the backslash, nor wrap everything in quotes etc. The only solution I came across was to use an NTLM authentication proxy such as CNTLM, which is a fast NTLM authentication proxy written in C. The Ubuntu package is described as follows.

Cntlm is a fast and efficient NTLM proxy, with support for TCP/IP tunneling, authenticated connection caching, ACLs, proper daemon logging and behaviour and much more. It has up to ten times faster responses than similar NTLM proxies, while using by orders or magnitude less RAM and CPU. Manual page contains detailed information.

It can be installed using the command, but you’ll need to do this when you are connected directly to the internet, and thus bypassing your corporate proxy!

sudo apt-get install cntlm

You will then need to configure CNTLM by modifying the config file at /etc/cntlm.conf. You’ll need to specify your windows domain login credentials in the config file.

Once configured, restart CNTLM using the command:

sudo /etc/init.d/cntlm restart

Once CNTLM has been configured and restarted, you can then update your http_proxy settings to use http://localhost:3128, or whatever port number you used in the CNTLM config file. By default CNTLM listens on port 3128. Now you will be able to use apt-get, but this time behind your corporate proxy.

Deploying your Django app on Joyent Shared Accelerators

1 Reply

This guide is basically a rehash of this posting in Joyent’s support forums. I am reproducing it below to include my experiences as I found some discrepancies with the posting in the Joyent forums.

Joyent Shared Accelerators don’t allow you to deploy your Django app using mod_python, so you have to create a proxy path that diverts traffic to lighttpd and FastCGI to serve your Django app.

For this guide you will need to replace ${USER} with your username on Joyent’s server, the hostname of your server as ${HOST}, and your DNS domain as ${DOMAIN}.

Set up Apache as a proxy server for lighttpd

You no longer need to submit a support ticket to request a port number for lighttpd. You can just go to Virtualmin for your server (https://virtualmin.joyent.us/${HOST}/) > Other Tools > Check ports to view a list of available port numbers that have been reserved for you. Pick one and note it down. We will refer to this port number as ${PORT}.

Set up a directory structure for lighttpd:

mkdir -p ~/etc/init.d
mkdir -p ~/etc/lighttpd/vhosts.d
touch ~/logs/lighttpd.error.log ~/logs/lighttpd.access.log

Using a text editor, create ~/etc/lighttpd/lighttpd.conf:

#-- Lighttpd modules

server.modules = ( "mod_rewrite",
                                "mod_redirect",
                                "mod_access",
                                "mod_cgi",
                                "mod_fastcgi",
                                "mod_compress",
                                "mod_accesslog",
                                "mod_alias" )

#-- Fundamental process configs
server.port = ${PORT}
server.username = "${USER}"
server.groupname = server.username
var.base = "/users/home/" + server.username
server.pid-file = base + "/var/run/lighttpd.pid"

#-- Logging
server.errorlog = base + "/logs/lighttpd.error.log"
accesslog.filename = base + "/logs/lighttpd.access.log"

#-- Default
server.document-root = base + "/web/public"
server.indexfiles = ( "index.php", "index.html",  "index.htm", "default.htm" )
    
#-- Security
url.access-deny = ( "~", ".inc", ".ht" )

#-- Mimetypes
include_shell "cat " + base + "/etc/lighttpd_mimetypes.conf"

#-- VHOSTS

Create ~/etc/lighttpd/mimetypes.conf:

mimetype.assign             = (
".pdf"          =>      "application/pdf",
".sig"          =>      "application/pgp-signature",
".spl"          =>      "application/futuresplash",
".class"        =>      "application/octet-stream",
".ps"           =>      "application/postscript",
".torrent"      =>      "application/x-bittorrent",
".dvi"          =>      "application/x-dvi",
".gz"           =>      "application/x-gzip",
".pac"          =>      "application/x-ns-proxy-autoconfig",
".swf"          =>      "application/x-shockwave-flash",
".tar.gz"       =>      "application/x-tgz",
".tgz"          =>      "application/x-tgz",
".tar"          =>      "application/x-tar",
".zip"          =>      "application/zip",
".mp3"          =>      "audio/mpeg",
".m3u"          =>      "audio/x-mpegurl",
".wma"          =>      "audio/x-ms-wma",
".wax"          =>      "audio/x-ms-wax",
".ogg"          =>      "audio/x-wav",
".wav"          =>      "audio/x-wav",
".gif"          =>      "image/gif",
".jpg"          =>      "image/jpeg",
".jpeg"         =>      "image/jpeg",
".png"          =>      "image/png",
".xbm"          =>      "image/x-xbitmap",
".xpm"          =>      "image/x-xpixmap",
".xwd"          =>      "image/x-xwindowdump",
".css"          =>      "text/css",
".html"         =>      "text/html",
".htm"          =>      "text/html",
".js"           =>      "text/javascript",
".asc"          =>      "text/plain",
".c"            =>      "text/plain",
".conf"         =>      "text/plain",
".text"         =>      "text/plain",
".txt"          =>      "text/plain",
".dtd"          =>      "text/xml",
".xml"          =>      "text/xml",
".mpeg"         =>      "video/mpeg",
".mpg"          =>      "video/mpeg",
".mov"          =>      "video/quicktime",
".qt"           =>      "video/quicktime",
".avi"          =>      "video/x-msvideo",
".asf"          =>      "video/x-ms-asf",
".asx"          =>      "video/x-ms-asf",
".wmv"          =>      "video/x-ms-wmv",
".bz2"          =>      "application/x-bzip",
".tbz"          =>      "application/x-bzip-compressed-tar",
".tar.bz2"      =>      "application/x-bzip-compressed-tar"
)

Finally, create an init script at ~/etc/init.d/lighttpd:

#!/bin/sh

HOME=/users/home/${USER}
LIGHTTPD_CONF=$HOME/etc/lighttpd/lighttpd.conf
PIDFILE=$HOME/var/run/lighttpd.pid

case "$1" in

    start)
    # Starts the lighttpd daemon
    echo "Starting lighttpd"
    PATH=$PATH:/usr/local/bin /usr/local/sbin/lighttpd -f $LIGHTTPD_CONF

;;
    stop)
    # stops the daemon bt cat'ing the pidfile
    echo "Stopping lighttpd"
    kill `/bin/cat $PIDFILE`

;;
    restart)
    ## Stop the service regardless of whether it was
    ## running or not, start it again.
    echo "Restarting lighttpd"
    $0 stop
    $0 start

;;
    reload)
    # reloads the config file by sending HUP
    echo "Reloading config"
    kill -HUP `/bin/cat $PIDFILE`

;;
    *)
    echo "Usage: lighttpd (start|stop|restart|reload)"
    exit 1
;;
esac

Don’t forget to make the init script executable:

chmod 755 ~/etc/init.d/lighttpd

Proxy Apache to lighttpd

Open up a web browser, and log into https://virtualmin.joyent.us/${HOST}/

Select the virtual server to configure. Then go to Server Configuration > Proxy Paths > Add a new proxy path. Enter the following values and click Create.

Local URL path: /
Destination URLs: http://${DOMAIN}:${PORT}

Configure Django environment

Add the path to your Django app to the PYTHONPATH. Add the following to your .profile and .bashrc files.

export PYTHONPATH=/users/home/${USER}/src/django_projects

Deploying your Django app

Check out your django app to /users/home/${USER}/src/django_projects. I will refer to this django app as ${APPNAME}.

cd ~/src/django_projects
svn co svn+ssh://subversion_repos/site/${APPNAME}/trunk ${APPNAME}

Create a MySQL database

Normally I would use PostgreSQL cos it rocks, but unfortunately Joyent only provides database restrictions for specific users on MySQL. So we’ll create a mysql user and grant it privileges to access a mysql database.

Open up a web browser and log into https://virtualmin.joyent.us/${HOST}/

Select ${DOMAIN} from the dropdown list > click “Edit Databases” > Click “Create a new database”.

I entered “production” into the Database name field so that my database will be called ${USER}_${DOMAIN}_production. Then click “Create”.

Create a database user

In Virtualmin, Select ${DOMAIN} from the dropdown list.
Click “Edit Mail and FTP Users” > “Add a user to this server”.
Under Virtual domain user mailbox details, enter “django” into the Email address field. This will create a mysql user called django-${DOMAIN}, and the auto-generated password will also be used for the mysql password in your django settings.py.

Expand “Quota and home directory settings”. Limit the user’s home directory quota to 1MB.
Expand “Other user permissions”. Allow the user access to the “${USER}_${DOMAIN}_production” database we just created. Click create.

Configure project settings

In settings.py modify your database settings to the following:

FORCE_SCRIPT_NAME=''

import os.path
ROOT_DIR = os.path.abspath(os.path.dirname(file))

DATABASE_ENGINE = 'mysql'
DATABASE_NAME = '${USER}_${DOMAIN}_production'
DATABASE_USER = 'django-${DOMAIN}'
DATABASE_PASSWORD = 'password"
DATABASE_HOST = ''
DATABASE_PORT = ''

MEDIA_ROOT = os.path.join(ROOT_DIR, 'media')
MEDIA_URL = '/media/'
ADMIN_MEDIA_PREFIX = '/media/admin/'

TEMPLATE_DIRS = (
    os.path.join(ROOT_DIR, 'templates'),
)

INSTALLED_APPS = (
    'django.contrib.sites',
    'django.contrib.admin',
    'django.contrib.flatpages',
)

Since the settings file has our MySQL password inside, don’t let others read it:

chmod 600 ~/src/django_projects/${APPNAME}/settings.py

Then create the database tables in the usual fashion:

./manage.py syncdb

Create project init script

Create ~/src/djangoprojects/${APPNAME}/etc/init.sh:

#!/bin/sh

HOME="/users/home/${USER}" # Edit to your own username
PYTHONPATH=$HOME/src/django_projects
export PYTHONPATH

PROJECT_NAME="${APPNAME}"
PROJECT_DIR="$HOME/src/django_projects/$PROJECT_NAME"
PID_FILE="$HOME/var/run/$PROJECT_NAME.pid"
SOCKET_FILE="$HOME/tmp/$PROJECT_NAME.socket"
MANAGE_FILE="$PROJECT_DIR/manage.py"
METHOD="prefork"

case "$1" in

    start)
    # Starts the Django process
    echo "Starting Django project $PROJECT_NAME"
    python $MANAGE_FILE runfcgi maxchildren=2 maxspare=2 minspare=1 method=$METHOD socket=$SOCKET_FILE pidfile=$PID_FILE

;;
    stop)
    # stops the daemon by cat'ing the pidfile
    echo "Stopping Django project $PROJECT_NAME"
    kill `/bin/cat $PID_FILE`

;;
    restart)
    ## Stop the service regardless of whether it was
    ## running or not, start it again.
    echo "Restarting Django project $PROJECT_NAME"
    $0 stop
    $0 start

;;
    *)
    echo "Usage: init.sh (start|stop|restart)"
    exit 1

;;
esac

Make the init script executable:

chmod 755 ~/src/djangoprojects/${APPNAME}/etc/init.sh

Offload static media to lighttpd

We don’t want Django to be serving static content, so any path that refers to static content will be served by the web server directly from ~/web/public.

Create a softlink from django’s admin media to ~/web/public/media/admin.

mkdir ~/web/public/media
ln -s /usr/local/lib/python2.5/site-packages/django/contrib/admin/media/ ~/web/public/media/admin

Create a softlink from your project’s media directory to ~/web/public/media/public.

mkdir -p ~/src/django_projects/project/media/public
ln -s /users/home/${USER}/src/django_projects/${APPNAME}/media/public ~/web/public/media/public

Configure lighttpd

Edit ~/etc/lighttpd/vhosts.d/${APPNAME}.conf.

$HTTP["host"] =~ "(www.)?${DOMAIN}" {
    server.document-root = base + "/web/public"
    fastcgi.server = (
        "/${APPNAME}.fcgi" => (
            "main" => (
                "socket" => base + "/tmp/${APPNAME}.socket",
                "bin-environment" =>
                            ( "TZ" => "America/Chicago" ),
                "check-local" => "disable",
            )
        ),
    )

    url.rewrite-once = (
        "^(/media/admin.*)$" => "$1",
        "^(/media/public.*)$" => "$1",
        "^/favicon.ico$" => "/media/public/img/favicon.ico",
        "^(/.*)$" => "/${APPNAME}.fcgi$1",
    )
}

Then include vhosts.d/${APPNAME}.conf in your lighttpd.conf:

echo 'include "vhosts.d/${APPNAME}.conf"' >> ~/etc/lighttpd/lighttpd.conf

Schedule service start

Create a Joyent bootup action in Virtualmin. In Virtualmin, Select ${DOMAIN} from the dropdown list > go to Services > Booup Actions > Add a new bootup action. Enter the following values in the input fields and click “Create”.

Action name: init-${APPNAME}-django-site
Description: Init ${APPNAME} Django Site
Commands to run at startup: /users/home/${USER}/src/django_projects/${APPDNAME}/etc/init.sh start

Go back to the Bootup Actions, click “Add lighttpd”. Enter the following values in the input fields and click “Create”.

Action name: lighttpd-${APPNAME}-django-site
Description: Lighttpd ${APPNAME} Django Site
Commands to run at startup: /usr/local/sbin/lighttpd -f /users/home/${USER}/etc/lighttpd/lighttpd.conf

Open up your browser and go to your newly deployed Django app!

If you don’t see your site then you will have to do some debugging. I didn’t get it first time as you’ll note that my instructions above are slightly different from the original post here.

IR Pen version 2

2 Replies

My previous attempt at building a simple IR pen did not work as expected. The power source was too weak for the IR LED, and consequently the Wiimote had difficulty detecting the IR light.

For my second attempt I purchased an IR LED, some wire, a momentary switch, a 10 Ohm resistor, and a battery holder for two AA batteries. I also had a whiteboard marker lying around, which I used to create the casing for the IR pen.

IR Pen

I wired up the circuit so that the IR LED was in serial with the switch, resistor and battery holder. I then cut off the nozzle from the whiteboard marker casing. I needed space to fit the switch, so I cut the cylinder shaped casing in half, and drilled a hole to push the switch through. I then popped the LED through the nozzle, and wrapped the casing around the circuit. Everything was then held in place using electrical tape. It was a prototype, so I didn’t bother with aesthetics, which the rubber band holding the pen and battery holder together clearly shows.

I am glad to report that this particular IR pen works perfectly with my laptop screen and the Wiimote. However, I will need to test it out on a projected image from a data projector before officially giving the thumbs up.

Simple IR Pen for Wiimote Whiteboard

12 Replies

My previous foray into using a Wiimote with my laptop led me down the path of building a USB sensor bar so that I can use the Wiimote to control the pointer movements. This approach worked better than expected, but it doesn’t work so well if you want finer control of your mouse pointer. For example, when I was demonstrating the Wiimote integration with my laptop I was quite nervous about the demo not working, and this was made apparent by the shaky lines that I was drawing with the Mouse Gestures. As a result some of the Mouse Gestures did not register.

A better approach would be to do what Johnny Lee did with the Wiimote to create the Wiimote Whiteboard. Johnny Lee used the Wiimote as an IR camera pointed at a projector screen, and created a pen with an LED which the Wiimote can track. This approach provides for more accuracy and smoother movements of the pointer.

The barrier of entry to the Wiimote Whiteboard is creating the IR pen. Johnny Lee suggests wiring up a circuit containing an IR LED, momentary switch, resistor, and power supply, then shoving it into a pen. If you google “IR pen” you will also come up with some complicated solutions. One guy even tried to cram the circuit into a highlighter casing.

Simple IR Penlight for Wiimote Whiteboard

My solution is really quite straightforward. In fact you only need to go to your local electronics store and pick up two items: an LED keyring torch; and an IR LED. When purchasing an LED keyring torch, make sure that you can easily replace the LED. I used this LED keyring torch from Jaycar Electronics. I then pulled the torch apart, pulled out the LED, and replaced it with an IR LED. This solution meant I didn’t have to do any soldering or fiddling around. It all fit together into a nice compact form factor that cost me less than $10, and took no longer than 10 minutes to switch the LED.

Custom built USB Sensor Bar

5 Replies

I had a few days off work to recharge the batteries and was looking forward to heading to the beach, but ended up taking a rain check due to the bad weather. Sydney just had the wettest Summer in years, which was good in a way as it ended up breaking the drought and putting water in the dams. So to make the most of my time off I decided to build my own USB Sensor Bar so that I could get a Wiimote working with my laptop.

If you followed my previous post on getting the Wiimote to work with Ubuntu, then you should be able to move the cursor around using your Wiimote, and using the A and B buttons as left and right clicks respectively. However, using the accelerometer alone for moving the cursor around does not make for a great user experience. To enable the Wiimote to work more effectively you need to setup a point of reference that can be used by the Wiimote driver to calculate the directional movement of the Wiimote accelerometers. This point of reference for the Wii is the Sensor Bar that sites on top of the television set. So you can either buy a battery powered Sensor Bar or make your own USB Sensor Bar. I ended up doing the latter by following the instructions at Terbidium.

To get started you need a USB cable, four infrared LEDs, LED holders, aluminium tubing, electrical tape or heat shrink tubing, and a laptop.

Sensor Bar Components

The USB Sensor Bar is a simple serial circuit that consists of four infrared LEDs that are grafted to an old USB cable.

Soldering USB Cable

You may need to add a resistor into the circuit if your LEDs don’t produce a voltage drop of 5 Volts, which is the standard power source for USB devices. It is worth testing your circuit design on a circuit board as shown below.

Working IR LED Circuit

The circuit is then squeezed into a tight-fitting aluminium tubing that is cut to about 30cm in length. The USB cable hangs out one end of the tubing, and the LEDs sit in LED holders that have been positioned into some neatly drilled holes. The completed USB Sensor Bar is pictured below.

Testing USB Sensor Bar

Wiimote on Ubuntu Gutsy Gibbon

3 Replies

I wrote earlier about using Mingle on a Nintendo Wii as an Agile project management tool. I figured it would be cumbersome to lug around a data projector, laptop, Airport Express, and Nintendo Wii to every meeting in which you want to use Mingle, such as a Showcase or technical stand-up. Not to mention the setup time in establishing a connection between the Wii and your Wi-Fi access point. So wouldn’t it be nice to remove the Nintendo Wii and the Airport Express from the equation and just use the Wiimote with your laptop? Well you can do just that, and it is really easy to setup on Ubuntu!

You find where download mp3 music on player, You need mp3 music download from online mp3 archive

You can follow these instructions or just run the following in a terminal.

  • Install Wiimote drivers using apt-get. Could it be any easier? 
    $ sudo apt-get install libcwiid0 lswm wmgui wminput
  • Test Wiimote connection with your Bluetooth dongle. You should just plug in your USB Bluetooth dongle and Bluez will enable Bluetooth for you, assuming it has a driver that can support your dongle. I just have a run-of-the-mill ASUS Bluetooth dongle. 
    $ wmgui

    Select Connect from the menu and hold buttons 1 and 2 on your Wiimote to make it discoverable. You may need to do this a couple of times before wmgui picks up your Wiimote before timing out. Once connected, wmgui allows you to test the inputs of your Wiimote. You can enable rumble and accelerometer inputs from the menus.

  • Run the mouse emulator. 
            $ sudo modprobe uinput
        $ sudo wminput

    Then put your Wiimote into discoverable mode by holding buttons 1 and 2 together again.

  • The man pages for wminput does not recommend running wminput as root. So run the following command so that you can gain access to /dev/input/uinput without having to use sudo. 
    $ sudo sh -c 'echo "KERNEL=="uinput", GROUP="admin"" > /etc/udev/rules.d/50-cwiid-input.rules' /etc/init.d/udev restart

You should now be able to move the cursor around using your Wiimote, and using the A and B buttons as left and right clicks respectively. However, using the accelerometer alone for moving the cursor around does not make for a great user experience. The wminput driver is configured by default for the accelerometer, and if you want to move windows around with your Wiimote, then you’ll need to use the IR configurations instead. Simply replace the default soft link to the accelerometer config file with the ir_ptr config file.

$ cd /etc/cwiid/wminput
$ sudo rm default
$ sudo ln -s ir_ptr default

The Wiimote now needs a point of reference to use when sending coordinates back to the CWiiD driver. This is what the Sensor Bar is for. The Sensor Bar is simply an array of infra red LEDs that creates a plane for the Wiimote as a point of reference. The plane is used for rotation instructions such as the rotating hand effect on the Wii. You can’t use the Wii Sensor Bar with your laptop as it doesn’t have USB or a compatible connector with the laptop. I ended up building my own USB Sensor Bar, and will write about my experience in a later post. It was relatively simple and works quite well. However, it does require doing a bit of soldering, so if you aren’t comfortable with DIY electronics then I would recommend getting a Nyco battery powered Sensor Bar from eBay.

Testing USB Sensor Bar

Now you should be able to fire up Mingle and start moving those story cards around on your laptop with just your Wiimote!

If you are using a Mac then you might want to try Darwin Remote [Free] or Remote Buddy [Not Free]. Windows users can use GlovePie or WiinRemote.

iBurst on Ubuntu Gutsy Gibbon

8 Replies

I got my iBurst card working on Ubuntu 7.10 (aka Gutsy Gibbon). You need to download the latest iBurst driver called ibdriver, then build and install it. Configure some pcmcia files, run pppoeconf and you should be able to connect to the Internet. The following describes what I did to get my iBurst working on Gutsy Gibbon.

1. Make sure you have libc6-dev installed.

$ sudo apt-get install libc6-dev

2. Download ibdriver 1.3.2 from Sourceforge.

3. Move the tarball to a temporary build folder and untar it.

$ mv ~/Desktop/ibdriver-1.3.2-linux-2.6.20.tar.gz ~/src/build
$ tar zxvf ibdriver-1.3.2-linux-2.6.20.tar.gz

4. Make and install the driver.

$ cd ~/src/build/ibdriver-1.3.2-linux-2.6.20
$ make
$ sudo make install

5. Configure the PCMCIA files.

$ gksudo gedit /etc/pcmcia/config.opts

Add the following at the end of the config file.

# iBurst card
device "iburst_cs" 
   class "network" module "ib-pcmcia"

card "ArrayComm ut02"
    manfid 0x02e3, 0x0001
    bind "iburst_cs"

card "ArrayComm ut02"
    manfid 0x02e3, 0x0002
    bind "iburst_cs"

Create the /etc/modprobe.d/iburst file.

$ gksudo gedit /etc/modprobe.d/iburst

Add the following text to the file, save and close the file.

options ib-net ifname="eth%d"

6. It is a good idea to restart your laptop at this point. Plug in your PCMCIA iBurst card and use pccardctl to check that the card was detected by the driver.

$ pccardctl status

You should see that the device is bound to the “iburst_cs” driver.

7. Run pppoeconf to connect to your iBurst provider.

$ sudo pppoeconf

A text-based menu program will guide you through the next steps, which are:

  • Confirm that your Ethernet card is detected.
  • Enter your username.
  • Enter your password.
  • If you already have a PPPoE Connection configured, you will be asked if it may be modified.
  • Popular options: you are asked if you want the “noauth” and “defaultroute” options and to remove “nodetach” – choose Yes.
  • Use peer DNS – choose Yes.
  • Limited MSS problem – choose Yes.
  • When you are asked if you want to connect at start up, you will probably want to say yes.
  • Finally you are asked if you want to establish the connection immediately.

Once you have finished these steps, your connection should be working.

8. Starting the connection.

$ sudo pon dsl-provider

9. Stopping the connection.

$ sudo poff dsl-provider