GeekyLog - BlueT's LoGeeks, Logics of Geek Thinks.

To content | To menu | To search

Ubuntu

Entries feed - Comments feed

Thursday 2011 March 17

HOWTO: PPTP: Ubuntu Client connect to Windows VPN Server

By BlueT on Thursday 2011 March 17, 02:14

The company I work for just starting to use Windows ISA Server (or whatever) in some places.
And also, they use the Windows server to be a VPN server.
As Micro$oft doesn't officially support OpenVPN, and we don't consider IPsec to be used for end users, they decide to use the fu*king insecure PPTP, which I would definitely never wanna try.
That's where my Nightmare starts.

After some tries, I can use the VPN on my Android phones, and it seems works fine on iPhone, too.
But I just can't get it work on my Ubuntu boxes. The VPN connection just cannot established and I got error in my /var/log/syslog like this:
Mar 17 00:03:13 0xB1uE7 pppd17577: EAP: peer reports authentication failure


No matter what, I got it work in the end, finally.
And these are the steps how to get it work.




  1. $ apt-get install network-manager-pptp
  2. $ sudo /etc/init.d/network-manager restart
  3. Click the NetworkManager Applet
  4. VPN Connection -> Configure VPN -> <VPN> -> Add
  5. Choose <Point-to-Point Tunneling Protocol (PPTP)> -> Create
  6. Fill out those neccessary informations and click Advanced
  7. In Authentication section, CANCEL <PAP>, <CHAP>, and <EAP>, KEEP ONLY <MSCHAP> and <MSCHAPv2> SELECTED.
  8. In Security and Compression section, SELECT <Use Point-to-Point encryption (MPPE)>, and choose Security to be <All Available (Default)>
  9. OK -> Accept -> Close
  10. Now click the NetworkManager Applet
  11. Click VPN Connection and click the profile you just created.
  12. Wait for few seconds till it get connected.
  13. Done.




Hope this HOWTO can save a tree and a kitten.


one comment no trackback

Thursday 2009 September 24

KVM - build ubuntu guest, bridge network and iptables port forwarding

By BlueT on Thursday 2009 September 24, 16:42

Once you install and setup KVM, configure kvm itself and system network bridge interface correctly on your Ubuntu server,
you can now starting to build a guest OS / disk image, run it, and use iptables to forward connections to those new VPSes.


Build guest:

HTTP_PROXY="Proxy_IP:Port" sudo ubuntu-vm-builder kvm hardy \
  --dest 'DEST_DIR'\
  --hostname 'GUEST_HOSTNAME'\
  --ip 'GUEST_IP_YOU_WANT'\
  --arch 'i386'\
  --mem '256'\
  --rootsize '4096'\
  --swapsize '1024'\
  --kernel-flavour 'virtual'\
  --domain 'bluet.org'\
  --mirror 'http://ftp.twaren.net/ubuntu'\
  --components 'main,universe,multiverse,restricted'\
  --addpkg ssh --addpkg vim  --addpkg unattended-upgrades --addpkg acpid\
  --name 'Default_User_Name'  --user 'Default_User_Account'  --pass 'Default_User_Password'\
  --mask '255.255.255.0'\
  --net '192.168.122.0'\
  --bcast '192.168.122.255'\
  --gw '192.168.122.1'\
  --dns '192.168.122.1'\
  --tmp '/dev/shm/'\
  --libvirt qemu:///system ;


Modify that to fit your needs.

Forward "connections to specific port on HostOS" to a specific port on GuestOS (VPS):

Run these commands in HostOS:

$ sudo iptables -t nat -I PREROUTING -p tcp -d HostOS_IP --dport HostOS_Port -j DNAT --to GuestOS_IP:GuestOS_Port
$ sudo iptables -A FORWARD -p tcp -d GuestOS --dport GuestOS_Port -j ACCEPT


For example, if you want to ssh to your VPS, you can pick a spare (not-using by other application) port, and forward "connections to the specified port on HostOS" to the GuestOS's port 22.
Let's say, when HostOS is using IP 192.168.1.2, GuestOS is using IP 192.168.122.2, the choosen port on HostOS is 10022, you can do the following commands.

$ sudo iptables -t nat -I PREROUTING -p tcp -d 192.168.1.2 --dport 10022 -j DNAT --to 192.168.122.2:22
$ sudo iptables -A FORWARD -p tcp -d 192.168.122.2 --dport 22 -j ACCEPT



Finally, you got a configured VPS, you can start running it and ssh into it.

Start the VPS:
If your GuestOS' hostname is "vps01", you can do this to start running it:
$ virsh start vps01
And then ssh into it:
$ ssh -v 192.168.1.2 -p 10022


Refs: KVM document page on ubuntu.com

no comment no trackback

How to flush / clean DNS cache in Linux

By BlueT on Thursday 2009 September 24, 15:45

Sometimes your system caches too much on DNS query / records.

DNS caching helps alot on reducing time and bandwidth when your application needs DNS informations,
but just like anything else in the world; it's not a good thing when it does too over.


Let's see how to flush DNS cache in your system.


In Ubuntu:

$ sudo /etc/init.d/dns-clean restart

For Others:

Flush nscd DNS cache:

$ sudo /etc/init.d/nscd restart
OR
$ sudo service nscd restart
OR
$ sudo service nscd reload
OR
$ sudo nscd -i hosts

Flush dnsmasq dns cache

$ sudo /etc/init.d/dnsmasq restart

Flush caching BIND server dns cache

$ sudo /etc/init.d/named restart
OR
$ sudo rndc flush


Refs: How To Flush Linux / UNIX DNS Cache

no comment no trackback

Sunday 2009 July 12

I need 64bit kernel on my 32bit Ubuntu system...

By BlueT on Sunday 2009 July 12, 06:01

1. I got 4G ram installed on my IBM X61 Laptop, with Ubuntu 9.04 Jaunty Desktop for i386 installed.
2. I need to use my whole 4G of ram bcoz I always has about 400 tabs opened in my Firefox.

All 32bit system can allocat only 33.5G of memory.

X61 uses Intel chips and VGA chip, which is some kind of shit.
Want to improve the xorg's intel driver, you got to install the latest kernel and driver, with UXA mode enabled.
Then, you might get glxgear score about 700~800fps, nice.

Now here comes the problem.
Kernel's PEM conflicts with UXA, and makes the UXA's advanced GPU memory handling unusable.
So I can only have two choice:
1. Use generic kernel and better graphic performance, but only 3G of ram. But my memory is always full.
2. Use server kernel, got whole 4G of ram, but the glxgear score is only about 220fps. Sucks!

With 64bit system, the kernel can natively support to 64G of ram, so I can use 64bit generic kernel with whole my 4G of ram and enjoy the 800fps glxgear score. That's Great!

BUT, How To Install a AMD64 (64bit) Kernel on my i386 (32bit) System?
I did some google search but still find nothing really helpful...

no comment no trackback

Wednesday 2009 July 8

sockstat for Linux

By BlueT on Wednesday 2009 July 8, 08:05

sockstat was only for freebsd, now it's on linux too. something like ‘lsof -i -n’ or ‘netstat -anpe‘.

You can get the 0.3-1ubuntu1 version at the "Builds": https://launchpad.net/ubuntu/+source/sockstat/0.3-1ubuntu1

I download it and install it on my jaunty i386 without any problem.
Intro by chihchun: http://people.debian.org.tw/~chihchun/2009/02/23/sockstat-for-linux/

no comment no trackback