Monday, April 13, 2009

What Your Webmail Choice Reveals About You

I have accounts on all the free web mail services. You name it, I have it. It's partly because I work in web development but mostly because I love collecting e-mail addresses even if they get neglected every now and then.

However, my main web mail account is Gmail, it's been Gmail since 2004 and as the McDonald's ad goes," I'm Lovin It".

The Gmail personality description is so me :-) I wonder if they hired a psychologist for this article.

So which webmail service reflects your personality. Find out here.

Google Talk Group Chat on Pidgin

I'm not sure if it's just me but every time I am invited to a group chat on Gtalk I am given a link to log in to the gtalk web interface.

This has been somewhat annoying that Pidgin doesn't support group chats from Gtalk.

Apparently, I've been annoyed for nothing because Pidgin already supports group chats on gtalk.
I'm just not sure why pidgin doesn't automatically recognize that it's a group chat and just bring me into the conference like it does on Yahoo, MSN or the other IM services it supports.

When someone invites you to join a group chat, you get a message with some text that looks like
private-chat-xxxxxxx@groupchat.google.com and a link that launches your browser that leads you to a page that launches gtalk gadget. Note that "xxxxx" represents some random string that is most likely used to identify the group chat room.

So here's how to join a Gtalk group chat from Pidgin using the above information :

1. Click Buddies from the menu
2. Then click Join Chat
3. In the account drop down, make sure you use a Gtalk account.
4. For the Room textfield, paste private-chat-xxxxxxx
5. For the Server textfield, paste groupchat.google.com
6. Click JOIN

Saturday, April 11, 2009

Recursively add folders and files in CVS

One thing I really like about subversion is that an "svn add" on a folder recursively adds the folders and files inside that directory.

It's not the case with CVS, you can always do a "cvs import" but if you really need to use "cvs add", then you may find the following useful:

To recursively add directories inside a folder that is already under CVS :

find . -type d -print | grep -v CVS | xargs -n1 cvs add

To recursively add files inside a folder that is already under CVS :

find . -type f -print | grep -v CVS | xargs -n1 cvs add

ExtJS Tip : Recursively Opening Nodes in a TreePanel

There was one client who requested an improvement that stuck in the Ajax File Storage UI package that I developed.

This client wanted the user interface to open a particular folder based on the url. For example, http://mysite.com/filemanager/?folder_id=100 should return a page that launches the UI and opens the folder with id 100.

This is a perfectly valid request but there were a few challenges, namely ;
  • the treepanel nodes are loaded using ajax
  • the nodes or folders to open could be several levels deep
The solution had a back-end and a front-end component.

The back-end component involved generating a list of folder_id's that led to the target folder_id. If the target folder is 3 levels deep, this folder list would have 3 folder_ids. Luckily this wasn't too hard to do in OpenACS as the heirarchy of folders in the file storage package is easy enough to get from the database.

The front-end solution is a javascript function that goes thru this list and opens each folder based on the id's on that list. Just in case it is useful to someone using the ExtJS treepanel, here's the code for that function.

    asyncExpand : function(x) {
var treepanel = Ext.getCmp('treepanel');
var node = treepanel.getNodeById(this.config.initOpenFolder);
if(!node) {
var x = x+1;
var nextnodeid = this.config.pathToFolder[x];
var nextnode = treepanel.getNodeById(nextnodeid);
nextnode.on("expand",this.asyncExpand.createDelegate(this,[x]), this, {single:true});
nextnode.expand(true);
} else {
node.select()
node.fireEvent("click",node);
}
}


You will notice that it is an example of a recursive function or a function that calls itself. Allow me to break it down for you.



var treepanel = Ext.getCmp('treepanel');



Of course you need a treepanel, the one I use just happens to have the id "treepanel"



var node = treepanel.getNodeById(this.config.initOpenFolder);



this.config.initOpenFolder is the variable that holds the folder_id that the UI should open into by default. The script calls getNodeById in the hopes of getting a reference to that folder on the treepanel



if(!node) {
var x = x+1;
var nextnodeid = this.config.pathToFolder[x];
var nextnode = treepanel.getNodeById(nextnodeid);
nextnode.on("expand",this.asyncExpand.createDelegate(this,[x]), this, {single:true});
nextnode.expand(true);
} else {
node.select()
node.fireEvent("click",node);
}

If the node does not exist on the first level of the tree, we presume that it maybe on succeeding levels. This is where we make use of the folder_id list that the back-end should create for you, this list should be a javascript array.

In this case it is this.config.pathTofolder. This part of the function ...
  • gets the next id on the list
  • gets a reference to the node with that id
  • assigns a function to the expand event of the node to call asyncExpand with the index of the next folder_id on the list.

When asyncExpand is called again, it will check to see if a node with a folder_id that matches this.config.initOpenFolder exists. If not, it will get a reference to, assign a listener to the expand event and call the expand function of the node with the given index (x) .

The process repeats until the folder with id equal to this.config.initOpenFolder is found.

Monday, April 06, 2009

Are you technically savvy enough to be a PC ?

Ok, so I can believe that Lauren is "not cool enough to be a mac person" because she's on a budget and there is no doubt in my mind that you can find a better deal with a PC just because there are a lot more PC retailers and manufacturers out there.

However, I am having a hard time believing that this guy Giampaolo is tech savvy. Maybe Lauren is a better actress ? ;-)


Saturday, April 04, 2009

Nograles slams OECD

I just had to react to a breaking news item on Inquirer.net about Congressman and Speaker of the Philippine House of Representatives Prospero Nograles slamming the Organisation for Economic Co-operation and Development(OECD) for black listing the Philippines as "a non-cooperative tax haven".

The congressman deserves a round of applause, no, more than applause, a standing ovation for slamming this action of the OECD and further pointing out that it is, in fact, the members of the OECD who are directly or indirectly responsible for the economic crisis the world is experiencing now.

Among its members include the United States, the United Kingdom, Germany, Iceland and Spain all of whom have had financial institutions closed or bailed out of bankruptcy. A full listing of its members can be found here. I just wonder where the OECD was when the financial institutions of its own member nations were making bad choices and imprudent decisions when their economies were booming.

I am no economist but it doesn't take any financial expertise to see how well our local financial institutions have fared compared to the biggest most reknowned institutions abroad. This tells me that, at least in this regard, our government must have done something right.

I really thought crab mentality was a Filipino trait, apparently it's international.

Setting up OpenVPN with dd-wrt for unexpected road trips you don't want to miss

Somehow the words "web worker" and "vacation" don't seem to mix well together.

Web Working on Road Trips

I don't have any solid plans for the holy week but I certainly don't want to miss trips to Tagaytay, Bulacan or the nearby Ocean Park if anybody decides they want to go on a road trip.

Fortunately, finding an internet connection is easier now than ever before. Between Smart Bro, Globe Tatto, commercial and free Wi-Fi services, you're pretty much covered, specially if you won't be wandering too far away from Metro Manila.

You've got your trusty laptop and internet access is not a problem, so what's keeping you from going on that road trip ?

For me, it's secure access to my files and the virtual machines on my home network.

The internet may be more accessible here in the Philippines but it isn't necessarily more secure. In fact the data packets, be it from WiFi, 3G or HSDPA, are transmitted over the air. Anyone, with enough knowhow, the proper hardware and software could possibly capture the data as it is being transmitted.

What's a mobile web worker to do ? The solution, setting up a Virtual Private Network (VPN) .

Is a VPN Overkill ?

I know, it sounds overkill but "VPN" should not connote buying expensive Cisco hardware and VPN software. It's now possible to set up a VPN on your home network with relatively inexpensive hardware like the Linksys WRT54G router (which I happen to own) and free software like dd-wrt.

The first thing to do of course is to acquire a router that supports dd-wrt. This use to be easy as the Linksys WRT54G was the only router that was supported. Today, you have a lot more options from the likes of Buffalo, Asus and Netgear.

I won't discuss how to setup dd-wrt on your router as it's out of the scope of this article. You can find instructions from the dd-wrt wiki and do a search on google to read about how other people have fared in their attempts at installation. Note though that the process is not for the feint of heart. It's gotten easier with each release but there is still a possibility that you will "brick" (the term used to describe a router that has been rendered useless) your router.

dd-wrt has many builds. Make sure to install the vpn build.

What you need for your VPN

In addition to :
  • A supported router, I used a Linksys WRT54G v2.2 router.
  • dd-wrt vpn build, I installed v24-sp1
here are the other prerequisites for setting up the VPN :
  • A desktop or laptop computer with Linux , my desktop is running OpenSUSE v11
  • OpenVPN on the linux desktop, I installed this using the Yast software manager
  • A text editor like Kate or vi
Let me stress that this worked for me using the above hardware and software. If you are using a different router and/or a different version of dd-wrt, you might want to do some more research before attempting this.

You've been warned !!

The computer with OpenVPN is where we generate the certificate files needed to setup the OpenVPN server on dd-wrt. We will not be setting up OpenVPN on this computer.

It is also possible to use windows with the OpenVPN GUI installed instead of a linux desktop but I won't discuss how to do it here.

Step by Step Set Up

Let's get to it.

1. On your linux desktop, open a terminal and become root by using su.
su -
2. Go to /usr/share/openvpn/easy-rsa/2.0
cd /usr/share/openvpn/easy-rsa/2.0
3. Execute the following commands in the correct order
# sets some environment variables to make the succeeding scripts work
source vars

# cleans up any previously created keys if any
./clean-all

# create a certificate
# you will be asked to enter some information
# remember what you entered as you will need to use the same information
# to generate the server key
./build-ca

# create a server key
./build-key-server server

# create the Diffie-Hellman parameters needed by the server
./build-dh
4. The commands above will create a keys folder inside the current folder you are in with the files you need for the next step. Open the files using your chosen text editor.

5. Open a web browser and enter the IP address of your router. If you did not change the default, the IP should be 192.168.1.1. This opens to the web administration interface for dd-wrt

6. Click Services, then under OpenVPN daemon click the "Enable" radio button. This should reveal additional textareas where you need to paste the contents of the files from the keys folder.
Public Server Cert > ca.crt

# note that you only need the portion of ca.crt that starts with
# -----BEGIN CERTIFICATE -----
# and ends with
# ----- END CERTIFICATE -----.

Certificate Revoke List (CRL) > (blank)
Public Client Cert > server.crt
Private Client Key > server.key
DH PEM > dh1024.pem
OpenVPN Config > (see 7 below)
OpenVPN TLS Auth > (blank)
7. For the OpenVPN Config textarea, you will need to decide what IP address range you want to use for the private routing network that will be used by OpenVPN. In the sample configuration below, I decided to use 192.168.2.0 as the private routing network. The push parameter should have the IP and subnet of your local area network.
push "route 192.168.1.0 255.255.255.0"
server 192.168.2.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem

8. Once the textareas have been filled up, click "Apply Settings" and just to be sure, click "Reboot Router" to reboot the router.

Hopefully, the OpenVPN server on your router should be up and running. To verify, use ssh to log into your router and run
ps | grep openvpn
You should see an openvpn process running. If you don't, then you'll need to take the following steps to turn on logging and debug the problem.

Troubleshooting with Logs

To turn on logging, click the Services tab and click the "Enable" radio button under System Log. Leave "Remote Server" blank. Then add verb 5 to your OpenVPN config textarea. Click "Apply Settings". Then log into your router via ssh and execute.
tail -f /var/log/message
Connecting Clients

Now that you have your server up and running. The next thing we want to do is to setup a client computer to connect to the OpenVPN server. If you're on windows, you can download the OpenVPN GUI.

For Linux users, you can use the openvpn applet for the NetworkManager which comes installed by default on most Linux distributions.

Before anything else, you need to create the certificates that your client computers (in this case my laptop) will use to connect to the server.

Login to your linux desktop and go back to /usr/share/openvpn/easy-rsa/2.0, then execute
./build-key client1
where client1 is the name of the client computer you want to connect to. You can also leave it as client1 if you like.

The above will generate 3 files in the keys folder, a client1.crt, client1.csr and client1.key. You need to copy client1.crt and client1.key to the client computer that wants to connect to the server. You also need to copy ca.crt from the keys folder to the client computer.

Click on the NetworkManager applet icon on your linux desktop, then click "VPN Connections" -> "Configure VPN".

Click on the VPN tab, then click "Add", choose "OpenVPN" from the connection type drop down.

In the succeeding form, enter the following information :
Connection name : (enter whatever you like here)
Gateway : (for now enter the IP address of your router)
Type: Certificates (TLS)
User Certificate : point this to the location of client1.crt on the client computer
CA Certificate : point this to the ca.crt file
Private Key: point this to client1.key
You should now be able to use the NetworkManger to connect to your router's OpenVPN server.
We have tested so far that the VPN server works but for this to be actually useful, the OpenVPN server should be able to accept connections from the internet.

Dynamic DNS and the Router Firewall

In quickest way to do this is to sign up to a free dyanmic DNS service.

dd-wrt supports several free dynamic dns services here is a comprehensive how to from the dd-wrt wiki.

Once you have DDNS set up, you need to open port 1194 on the router's firewall in order to accept connections from the internet.

Go back to the dd-wrt web interface, click the Administration tab, then click Commands. Enter the following code and click the "Save Firewall" button.
# Replace 1194 with your OpenVPN port number:
iptables -I INPUT 1 -p tcp --dport 1194 -j ACCEPT
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT

# change 192.168.2.0/24 to the private routing network you chose earlier
iptables -I FORWARD 1 --source 192.168.2.0/24 -j ACCEPT

You may want to click "Reboot Router" to reboot the router and make sure that openvpn is working with the new start up firewall script.

Connecting for real

The next step is to go on a road trip, find free WiFI and connect to the OpenVPN server.


Have a blessed holy week and advanced happy easter to everyone.


References :
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=35689&postdays=0&postorder=asc&start=0
http://www.dd-wrt.com/wiki/index.php/OpenVPN