Who said this?!

I am not a Windows hater. Its just that I already love using Linux on the desktop and still wishing that I could learn someday how to use Linux on the server.

But I kinda like how the following quote sounds, to wit:

"Windows - a 32 bit extension and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company without 1 bit of sense."

Any idea of the original author?! I even forgot where I got it.

Ahhh, no more GoogleBot... I hope!

To my surprise, the bandwidth for our website at www.gerona.gov.ph is almost spent. :(

Upon inspection of log statistics with AWSTATS, I was surprised that it was no other than GoogleBot that has been churning our bandwidth. All the while, I thought that the culprit was the Gallery and all the photos on it.

So with my limited knowledge on this webserver stuff, how do I stop GoogleBot from eating our bandwidth?!

Ironically, Google itself provided the answers. I did this search and this search wherein I learned that I have to place a robots.txt at the accessible root (e.g. http://gerona.gov.ph/robots.txt) of our website.

So what are the contents of the robots.txt file?! I find this link very helpful. Even more helpful is this link where it automatically gives you the correct content of the robots.txt file to block specific bots. This webpage is also a good source of information.

As of this writing, I haven't tested if its working but I'm keeping my fingers crossed as GoogleBot is threatening to eat all of our site's bandwidth.

The question is, why is it doing that?! Is it being used by malicious spammers, some sort of vehicle?! I hope to be enlightened. Anyone?

Update: It works! GoogleBot and Inktomi is no longer eating my bandwidth :)

Joomla! did it for LMP

The office of the League of Municipalities of the Philippines thru Mr. Norio Alumno asked me if I can develop a website for them. Since I had no time to do such, I then offered them to try Joomla wherein I can help them learn it.

The TASK: Help three people who don't have any much idea on web publishing, HTML and website design to create a website for a national organization of municipalities in two days... impossible?! Not with Joomla! -- a free open source content management system and the first FOSS I've ever used. Its the software that made me ask "WTF is open source?!"

To make the story short, this is their website after two days of coaching them (with me just talking and them doing everything else): www.lmp.org.ph. I am proud of these guys for the interest and enthusiasm they showed during the training (or is it just coaching?!). They have Sir Norio, the amiable chief of the Research and Information Management Office, Sir Herbert who is an all around go-to guy, and of course my good friend Joseph who managed to create a banner for their website in just a few minutes.

For other government agencies and/or local government units who would like to learn the basics of Joomla!, I am just an email away at daveasuncion[at]gmail.com

Setting up your OOo default page

Some PC users are too accustomed with the MS Word default page setup (8.5" x 11" page size, 1.25" margin on right and left sides, etc.) that sometimes they get annoyed by the default page in OpenOffice... A4 page size, .79" margins on all sides...

Also, I also found that not all new users to OpenOffice.org knows howto change their default page so let me share my way. I guess there are other means to do this and if you have one, just share it here. Here it goes:

Open OpenOffice Word Processor. You'll notice that the side margins are smaller than the default margins in MSWord. First, you have to format the page by clicking Format --> Page. Then click the drop down beside the word Format to choose Letter. The height and width settings will change accordingly to 8.5" x 11".

Change the left and right margins to 1.20". Personally, .79" top and bottom margins are ok for me. Click OK.

Now you have to save the page as a template. Click File --> Templates --> Save. Give a name to your template, let's use LetterDefault. Click OK.

Now we have to set it as default. Click File --> Templates --> Organize and then double click My Templates. There you see the template you have just saved (named LetterDefault), right click on it then left click on the Set as Default Template. Click Close and that's it!

Close OpenOffice Word Processor (you don't have to save the document you are using). Open it again to see if it works. I hope this helps.

Firefox humor video at YouTube.com

I just found about this a few days ago and I just love watching it...

Have fun!

Ang kulit!

Once upon a time, I met this high school student to whom I introduced Ubuntu Linux... and the rest was pure "pangungulit".

He kept sending me emails on a daily basis on anything and everything he learned about Linux. The last time, he now uses Sabayon Linux... Gentoo-based.

He is already becoming a spam to me. One more thing is that it seems all he wants is eye-candy (he is inloved with XGL - Compiz), emulation of Windows software, and downloading viruses then running it on Linux.

Hay, kids.

A matter of choice, then what?!

A lot has been said about the proposed FOSS bill in the congress especially at the PLUG mailing lists where everybody seems to have his or her idea of what the bill should be...

Of course, I have something to say also but I choose to blog it here as it seems there are some members of the mailing lists who are really way too passionate about their beliefs that in the end you'll get tagged by certain terms... especially when you don't agree with them.

Oh well...

I believe in FOSS. I believe that we all should have a choice, and that includes the State or the Government.

Yes, it is a matter of choice... so what's next?

A choice has to be made -- a choice that is based after carefully weighing the scales of reason and that is beneficial to the one who is making the choice.

If ever the proposed FOSS bill will be legislated, then it only means that the State just made its choice. Is there anything wrong with that? FOSS (including open standards and all) will or may be chosen by the State because of reduced cost, interoperability of government information systems will be ensured, assurance that the public may be able access public information to the infinite and among other reasons why other country governments has chosen to adopt FOSS.

As what I understand, the proposed FOSS bill is intended ONLY for the government. If the government wants to use FOSS, so what's wrong with that?

Unless you are a government employee, then you don't have to use any FOSS all. You can CHOOSE to use propriety software in your homes, at the internet cafes, in your schools, or wherever you wish. If you are working in a private company that uses propriety software, the government won't compel you to use FOSS simply because the proposed bill doesn't cover that.

So what's with all the noise?

If you are software developer who doesn't believe in GPL or dislike it, then offer your software to private companies who can afford or prefer your software. That's the company's choice and the government won't even stop that company from choosing propriety software or you from offering your software.

I don't really see how the proposed FOSS bill would take out my, yours, or their freedom of choice. As per the proposed bill, the government must choose FOSS because it thinks that FOSS is good for the government but will not compel you as a private citizen to use or develop FOSS. It is clear that YOU still have your choice.

Let the government choose, the same way it allows us as private citizens to choose what we want or what we see is good for us.

You may choose for yourself but the government can't?! That's scary, ever heard of anarchy?


P.S. I hope they scrap Section 8 of the proposed bill, it doesn't make sense... but nonetheless I hope and pray for its passage.

Sa wakas nakapagBLOG!

Warning: TAGLISH

Wow, super busy ako ng mga nakaraang linggo kaya halos wala na akong time na makapagblog man lang. Pero ok na rin kasi sobrang daming nangyari at dami ko ding natutunan...

Last week, nag-attend ako sa isang Advanced Linux Training Seminar na sponsored ng National Computer Center at ng aming office para sa eLGU project. Ginanap ito sa NCC mismo sa UP Diliman. Gaya ng sabi ko, isa lang akong everyday Linux desktop user kaya napakabasic pa lang talaga ng mga alam ko kaya excited akong umattend.

Ilan lang sa mga natutunan ko ay ang mga sumusunod: mga bagay-bagay tungkol sa Logical Volume Management, Software Raid, sa Xserver at Xorg, sa Cron, booting process, troubleshooting at marami pang iba. Ang gamit pala namin sa training at RHEL 4 kasi tiga Touch Solutions ang nagturo.

Mayroong binigay na parang troubleshooting test nung last day (tslocal, tsnetwork, tsboot). Ang sabi ng instructor eh, iyong last at tanging trainee na galing sa isang LGU daw na nakatapos ng lahat ng mga exercises na iyon eh sa batch the past year at inabot daw ng alas-siyete ng gabi. Weee! Natapos ko lahat before 5 pm! At ako lang nakatapos sa batch namin! Yabang?! Oo, pero happy lang ako kasi ako lang ang hindi computer engineer o kumuha ng computer related course sa batch namin eh...

Nag-attend din ako ng Basic Linux Training conducted by the Development Academy of the Philippines kasi requirement sa Community eCenter project namin. Para akong tanga, at ang masakit.. ung mga batang instructor namin eh tinuring kaming lahat na tanga.

Oh well, I don't question their proficiency pero siguro they should consider na hindi lahat ng magiging estudyante nila eh pare-parehas na first time Linux user.

May itinanong ba naman ako dun sa isang instructor na nagkataong katabi ko... tapos hindi ako pinapansin pero after mga 3 times ako nagtanong... sinagot ba naman ako ng pabalang na "makinig ka sa nagsasalita sa harap para matuto ka ng Linux".

Dang! Puede naman siguro akong napagsabihan ng mas maayos di ba? And besides about Linux din naman ung tanong ko. Oh well, siguro magaling na talaga sila... pero still, I was offended kasi if I was in his case... hindi ako mambabastos ng estudyanteng nagtatanong.

Nasanay kasi ata ako sa Touch Solutions na kapag may naitanong ka eh sinisikap pa rin nilang sagutin kaya dami ko natutunan. Different people, different strokes.

At sa aking obserbasyon, base na rin sa training module na ibinigay nila... mukhang kulang ung training o hindi ito akma para magamit ang mga kaalamang ipinamamahagi upang magamit ito sa isang Community eCenter. May mga puntong may mas madali pang paraan na puedeng magamit upang madaling ma-absorb ng mga participants ang paggamit ng Linux sa desktop o puede ring kulang talaga ang dalawang araw para sa lahat ng topics na dapat pag-aralan.

Ang resulta? May balita ako na marami na sa mga Community eCenter sa iba't-ibang munisipyo ay nagpalit na nang piratang Windows sa kanilang mga PCs. Talagang nakakalungkot kasi pagkakataon na sana ito upang maimulat ang tao sa FOSS.

Ah basta kami sa Gerona, we'll push on with Kubuntu and Ubuntu para maimulat ang aming kababayan sa isang alternatibong mas ligtas gamitin, kadalasang legal na libreng gamitin at magdaragdag sa kanila ng ibayong kaalaman sa computers.

Balik sa Ubuntu, nakainstall ako today ng GyachE Improved. Hanep, deb package na siya. Isang Loell sa ubuntuforums.org na tiga-Davao ang nagpackage nito. Madali siyang install sa aking Ubuntu Dapper at may mga dagdag na features tulad ng puedeng irecord ang webcam session, etc. At mukhang hindi siya buggy hindi tulad ng Gyach Enhanced na kung saan kinuha ang project na ito.

Pero sana matapos na ang Gaim 2 kasi meron na din daw siyang webcam at voice capability, mas masaya na naman yun!

Sarap talaga ng Linux at Open Source, dami taong makikilala at daming bagay na puedeng matutunan.... hindi ka mauubusan!

Camorama, DoTA and Kubuntu

Yesterday, I had my first try to use a webcam on Ubuntu Linux. It was a Logitech QuickCam Messenger ( ID 046d:08f0) issued for our LGU's Community eCenter. As I am keen on installing *buntu on the PCs they gave us (with FC4 preinstalled), my first daunting task is how to make its webcam work.

Ubuntuforums.org came to my rescue as I learned that I needed to get a file at http://home.mag.cx/messenger and run it so that the webcam would work. Unfortunately, the link is dead and so as the site. I searched it thru Google and I was lucky to find the driver (qc-usb-messenger1.1.orig.tar.gz - not the latest) from a certain location I already forgot.

I first had to apt-get build-essential and linux-kernel-header-uname plus camorama (for testing). I then simply ran the .quickcam.sh file in it (as root as it was required) and did a "sudo modprobe quickcam".

And here's my camorama snapshot:

It works nicely with Gyach-Enhanced.

Another thing is that a friend asked me if I could try to ran DoTa in Ubuntu. I, of course, used Wine. DoTA ran as if its a native game in Linux and I'm starting to love it.

I wanted to use Edubuntu on the PCs for our LGUs Community eCenter but the installation borked as it seems that monitor (brand: Giant) has a low frequency thingy... something I am not familiar. Too afraid to tinker with /etc/X11/xorg.conf.

And so I tried the Kubuntu Live CD and it had no problems with the monitor. I copied the archived debs from my Edubuntu PC to the /var/cache/apt/archives of the Kubuntu PCs, edited /etc/apt/sources.list to enable and add the required repositories.. and then did an update.

I only had to download 40mb out of the 170mb but it still took too long as my internet connection is really, really slow. Hint: DIAL-UP.

My first impressions of Kubuntu?! I love Kaffeine and Amarok. Codecs and extra fonts were installed via Automatix = the only installation process I use Automatix nowadays (Too lazy!).

I get to love Konqueror as it works as a browser for files and for the net. System Settings is also OK.

I hate Adept. It sucks. The updater sucks more. I had to install synaptic package manager, easier to use and better interface.

Ahhh... using a webcam, a nice game like DoTA, and the likable interface of Kubuntu makes me somewhat think about the other OS I used to tinker not too long time ago... an OS that is not part of my PC anymore. :) Do I miss it?! Nah, not a bit!

Of Edubuntu Install CD and Irssi

I must admit that I was quite disappointed when I got my order of Ubuntu and Kubuntu CDs. Although the packaging still impresses, I was disappointed that each package only has the one CD... the Live CD.

I am not a fan of Live CDs and besides all I want is an installer CD coz I am already sold with the idea that I want to install Ubuntu on a PC. So when my Edubuntu packages came, I just put it on my bag and left there for days.

Then this morning, I happen to read the carton paper package of one of my Edubuntu CDs and OMG! I was actually amused to find out that it was the Edubuntu Install CD! Oh well, the lessons are 1. Read First and 2. Don't assume too much.

Another thing I learned on a Sunday (at the #ubuntu-ph channel at irc.freenode.net) is about irssi -- a command line IRC client.

Simply type "irssi" at the terminal and then press Enter. To connect to a server e.g. irc.freenode.net, type /server irc.freenode.net and then to join a channel e.g. #ubuntu-ph, type /join #ubuntu-ph and that's it!

Now I know irrsi and loving it. :)

Discoveries...

Yesterday, I found out that when you right click a folder it already has an option to share the folder over the network. Neat. :)

This morning, I found out that my former student now has blog about Linux and he even has his own how-tos. Congrats Jag!

And thru his blog, I also learned that there is an IE4Linux project. However, I don't use IE anymore so I opted not to install it. But then, for those who would like to try it (or it may help run Gunbound on Linux).. here is the link.

Ahhh, the beauty of learning Linux... there are so much to learn that you'll always be a newbie. I love that.

LMP IT Officers Unite!

Last July 27-28, 2006, I attended a "Forum on eGovernance Capability Building" sponsored by the League of Municipalities of the Philippines (LMP), The Asia Foundation (TAF), and the British Embassy at the Astorias Plaza Hotel in Ortigas.

The League of Municipalities of the Philippines (LMP) in partnership with The Asia Foundation (TAF) held the forum as it is their common support for the use of Information and Communication Technology to improve services and operations in the municipalities.

Aside from being a participant, I was also made to talk to introduce Joomla! for the easy creation of dynamic content rich websites.

The forum was also a way for the organizers to organize IT officers in municipalities in the country in one organization under the auspices of the LMP. It is tentatively known as the LMP Association of eGovernance Advocates. The organization was established to promote eGovernance among LGUs and to its constituents and pursue the formulation of a national policy that will ensure the success of local ICT projects.

And to my surprise, I was elected as National President (unoppose and to think that it was my first time to meet the other participants). Personally, I was at the most gunning for the PRO position but I guess they must saw something in me that I wasn't able to.

For starters, we talked about convening all national government agencies concerned and ask them to push for the standarization and interoperability of their info systems (READ: open source), encourage mayors to fully support ICT, push for a enabling law that will allow the creation of permanent ICT positions even if the LGU's allocation for salaries is already over the prescribed limit, and among other concerns.

I am now doing a website for the organization using Drupal (my first try), and has already created a mailing list for the organization at http://groups.yahoo.com/group/LMPeGov.

I was also able to distribute Ubuntu and Kubuntu installer CDs during the event and was able to discuss about our LGU's experience on using Linux on the desktop with my peers. Some of them in fact have signified their intent to ask me for assistance for possible Linux desktop migration.

Personally, I hope I could encourage more LGUs to adopt free open source softwares in their respective LGUs thru the organization. Other than that, I hope I could keep up with the challenge of being the President of the organization. I am excited, obviously.

I have high hopes yet I don't want to push it too much. I don't wanna give my fellow ICT officers too much undue pressure yet I don't wanna waste the momentum and their enthusiasm.

I'll go with the saying "THINK BIG, START SMALL" and so God help me.

Doing the Samba without the Terminals

Assumptions: You're connected to a Local Area Network and your NIC has already been configured with the proper IP and subnet. Of course, basic mouse skills will help. (Addendum to assumptions: You just want a simple share, meaning you just want everybody in the LAN to view, copy, and edit the shared resource.)

Install the samba and smbfs packages with the Synaptic Package Manager. Open Synaptic (System -> Administration -> Synaptic Package Manager) and search for the samba and smbfs packages. Right click on it and then choose install. Click apply. Close Synaptic when finished.

Create a folder in your home directory. Click Places -> Home. Ctrl+Shift+N to create a new folder and name it SharedFolder.

Change its permissions to 777 (or read-write-execute permission to User/Group/Others). Right click on the folder then Properties then click the Permissions tab then make sure all the read write execute check boxes have checks on it.

Now to share the folder... click System -> Administration -> Shared Folders. Click Add. At the Path selection, click the up and down arrows then choose others to browse your home folder.

Now as you see the SharedFolder folder that you just created, make sure you double click on it and not single click. Click Open. Put something on the Name field (like SharedFolder) then also put a check on the Allow Browsing Folder option. Click on General Windows sharing settings. Put anything on the Host Description field, then put your LAN's workgroup at the Domain / Workgroup field (in my case is MYGERONA). Click OK.

For the settings to take effect, you should do something at the terminal but for the sake of avoiding the terminal... just restart your PC. :)

That's it. Tried and tested it with two PCs and one laptop.. all fresh installed with Ubuntu Dapper.

I hope it works for you too. :)

Automatix and just being me...

I remember then when I started using Automatix for Ubuntu, someone told me that I should not use Automatix coz its a badly written program (it was said to use the --force-yes option but according to the developer, it ain't true) and it won't help me learn Linux the right way.

My take? I guess that someone forgot about the fact that not everyone who migrated from Windows to Linux wants to learn Linux. Some jumped in to Linux because they just got tired of viruses, spywares and other malwares while some got hooked with the ideals of GPL... and for so many other reasons but in the end they just want a "just works" Linux box.

Some people want to learn before they use something, but for some people like me, we prefer to use something first and then learn the details later. What drives people like me to learn something is how that something did great for us.

Now, if something doesn't work for me at the onset, why would I even think of learning it? But that is just me...

That is why Automatix helped me a lot on my migration. Remember, I am no developer... and WAS a sucker for the other OS. When I first started Linux, I must admit that I got intimidated with the menu of command lines just to get my Linux box play music and movies or install useful apps.

And no matter how you say it that it was too easy to do this and that, believe it or not, lots of newbies find it hard... yeah, its easy for you to say Linux guru.

Why can't we just let them use tools like Automatix and EasyUbuntu so that they could enjoy their PCs first and then encouraged them later to understand the details? Well, of course, it would be a different view if we are talking about programmers and developers.. but I am talking about myself -- a none programmer who just want to use Linux.

About Automatix as a badly written program, I guess I am too lucky coz I haven't had any problems with it. Never.

Nonetheless, I still thank those who warned me against Automatix. At least, I have been warned of risks and that I appreciate. If I choose to use Automatix and for that you call me an idiot or pathetic then fine with me! But hey, its NOT your PC that I am using, right?

I took my choice... and choice is what open source and Linux is all about.

Now let's all go get a life.

Kubuntu: I want to try!

Sir Chin Wong of the Manila Times issued a challenge to Linux developers that has something to do with providing an easy GUI on SAMBA (network file sharing) and CUPS (printer installation). He uses Ubuntu, by the way.

Wait! I do remember when I was using Mandrake 10.1, there was a nice GUI interface for SAMBA setup and I had no problems sharing my printer on the network. Unfortunately, no more Mandrake 10.1 for me to try on.

But then, I realized that there is Kubuntu which is KDE based just like Mandrake 10.1.

How I wish I could help Mr. Chin Wong by developing such GUI but then I am no developer or programmer so I had to try help him in other ways I can.

And so I will try to install Kubuntu any time this week and share my experiences thru this blog. I hope to get something out of it although quite honestly, a year of using Ubuntu (Gnome-based) has already made me a stranger to KDE. (I really pray that I'll have time to do this.)

By the way, Jon has a very nice how-to on transparent Squid proxying with iptables. Do read it and enjoy.

IpKungfu kicks Firestarter out of my Ubuntu box

For the longest time I'm using Linux, I have been trying to make transparent squid proxy work. I had no problems setting up Squid proxy along with the lines I need to add on squid.conf to make it work but what pains me is how to forward port 80 requests to the squid proxy.

Although I found a few helpful tips and preconfigured iptables-based firewall scripts with Google, I am always baffled by the fact that I don't know how to make a certain script run on bootup with Debian/Ubuntu... and sometimes those scripts don't work or it must be me who doesn't understand those scripts...

Iptables?! No, not for me. Even the tagalized instructions of Jond3rd won't go thru my thick skull. I just don't get it. :( Firestarter only works for me as a firewall and router, but the option to setup a transparent squid proxy doesn't work... any way I do it.

IpKungfu to the rescue! IpKungfu was the first ever firewall I used during my Mandrake 10.1 days. However, as I shifted to Ubuntu it was unfortunate then that it was not available then at the repos (from warty to breezy) so I had to use Firestarter. Good thing that it has finally reached Debian Stable (I think!) and now its in the universe repo of Ubuntu Dapper.

So how did I do it? Here's my how-to for newbies and wannabees. :)

Install IpKungfu (make sure you have the universe repositories enabled)

$sudo apt-get install ipkungfu

Edit /etc/ipkungfu/ipkungfu.conf according to your needs.

$sudo gedit /etc/ipkungfu/ipkungfu.conf

I edited the contents to look like this...

# Please read the README and FAQ for more information

# Some distros (most notably Redhat) don't have
# everything we need in $PATH so we specify it here.
# Make sure modprobe, iptables, and route are here,
# as well as ordinary items such as echo and grep.
# Default is as shown in the example below.
#PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin

# Your external interface
# This is the one that connects to the internet.
# Ipkungfu will detect this if you don't specify.
#EXT_NET="eth0"
#EXT_NET="eth1"
#EXT_NET="ppp0"

# Your internal interfaces, if any. If you have more
# than 1 internal interface, separate them with
# spaces. If you only have one interface, put "lo"
# here. Default is auto-detected.
#INT_NET="eth0"
#INT_NET="eth1"
#INT_NET="lo"

# IP Range of your internal network. Use "127.0.0.1"
# for a standalone machine. Default is a reasonable
# guess.
LOCAL_NET="192.168.1.0/255.255.255.0"

# Set this to 0 for a standalone machine, or 1 for
# a gateway device to share an Internet connection.
# Default is 1.
GATEWAY=1

# TCP ports you want to allow for incoming traffic
# Don't add ports here that you intend to forward.
# This should be a list of tcp ports that have
# servers listening on them on THIS machine,
# separated by spaces. Default is none.
# ALLOWED_TCP_IN="21 22"

# UDP ports to allow for incoming traffic
# See the comments above for ALLOWED_TCP_IN
#ALLOWED_UDP_IN=""

# Temporarily block future connection attempts from an
# IP that hits these ports (If module is present)
FORBIDDEN_PORTS="135 137 139"

# Drop all ping packets?
# Set to 1 for yes, 0 for no. Default is no.
BLOCK_PINGS=1

# Possible values here are "DROP", "REJECT", or "MIRROR"
#
# "DROP" means your computer will not respond at all. "Stealth mode"
#
# "REJECT" means your computer will respond with a
# message that the packet was rejected.
#
# "MIRROR", if your kernel supports it, will swap the source and
# destination IP addresses, and send the offending packet back
# where it came from. USE WITH EXTREME CAUTION! Only use this if you fully
# understand the consequences.
#
# The safest option, and the default in each case,, is "DROP". Don't change
# unless you fully understand this.

# What to do with 'probably malicious' packets
#SUSPECT="REJECT"
SUSPECT="DROP"

# What to do with obviously invalid traffic
# This is also the action for FORBIDDEN_PORTS
#KNOWN_BAD="REJECT"
KNOWN_BAD="DROP"

# What to do with port scans
#PORT_SCAN="REJECT"
PORT_SCAN="DROP"

# How should ipkungfu determine your IP address? The default
# answer, "NONE", will cause ipkungfu to not use the few
# features that require it to know your external IP address.
# This option is good for dialup users who run ipkungfu on
# bootup, since dialup users rarely use the features that
# require this, and the IP address for a dialup connection
# generally isn't known at bootup. "AUTO" will cause
# ipkungfu to automatically determine the IP address of
# $EXT_NET when it is started. If you have a static IP
# address you can simply enter your IP address here.
# If you do port forwarding and your ISP changes your IP
# address, choose NONE here, or your port forwarding
# will break when your IP address changes. Default is
# "NONE".
#GET_IP="NONE"
#GET_IP="AUTO"
#GET_IP="128.238.244.16"

# If the target for identd (113/tcp) is DROP, it can take
# a long time to connect to some IRC servers. Set this to
# 1 to speed up these connections with a negligible cost
# to security. Identd probes will be rejected with the
# 'reject-with-tcp-reset' option to close the connection
# gracefully. If you want to actually allow ident probes,
# and you're running an identd, and you've allowed port
# 113 in ALLOWED_TCP_IN, set this to 0. Default is 0.
#DONT_DROP_IDENTD=0

# Set this to 0 if you're running ipkungfu on a machine
# inside your LAN. This will cause private IP addresses
# coming in on $EXT_NET to be identified as a spoof,
# which would be inaccurate on intra-LAN traffic
# This will cause private IP addresses coming in on
# $EXT_NET to be identified as a spoof. Default is 1.
#DISALLOW_PRIVATE=1

# For reasons unknown to me, ipkungfu sometimes causes
# kernel panics when run at init time. This is my
# attempt to work around that. Ipkungfu will wait
# the specified number of seconds before starting, to
# let userspace/kernel traffic catch up before executing.
# Default is 0.
#WAIT_SECONDS=5

# This option, if enabled, will cause ipkungfu to set
# the default policy on all builtin chains in the filter
# table to ACCEPT in the event of a failure. This is
# intended for remote administrators who may be locked
# out of the firewall if ipkungfu fails. A warning to
# this effect will be echoed so that the situation can be
# rectified quickly. This is the same as running
# ipkungfu with --failsafe. Default is 0.
#FAILSAFE=0

I only changed the following: Gateway, Local_Net, Block_Pings. I simply uncommented Suspect, Known_Bad, and Port Scan settings to DROP. The ReadMe and FAQ can be found at /usr/share/doc/ipkungfu.

To forward port 80 requests to the squid proxy server port, I opened /etc/ipkungfu/redirect.conf:

$sudo gedit /etc/ipkungfu/redirect.conf

...and changed the line "#tcp:80:3128:internal # transparent squid proxy" to "tcp:80:3128:internal # transparent squid proxy" without the apostrophes of course.

To start ipkungfu everytime the computer boots up, I opened /etc/default/ipkungfu:

$sudo gedit /etc/default/ipkungfu

... and change the line "IPKFSTART = 0" to "IPKFSTART=1".

Fire away ipkungfu!

sudo ipkungfu

I tested the firewall with the ShieldsUp test at grc.com and it passed with flying colors.

I also tested transparent squid proxy by taking a peek at /var/log/squid/access.log...

$sudo tail -f /var/log/squid/access.log

...and there I saw all PCs in our LAN browsing the net, without them knowing that they were actually proxied.

That's it! I have a firewall and router, I was able to forward port 80 requests to the squid proxy server, and I was able to make ipkungfu ran on bootups!

Now, for linux gurus... this must be a piece of cake but for someone like me who does have not any idea about iptables, netfilters, and among other things.. this is already a slice of heaven.

IpKungfu kicks hard! Eeyah!

P.S.: I must say that I have already configured squid proxy and dhcp to work long before I tried on ipkungfu. So if there is anyone interested on my dhcp.conf and squid.conf, I'm glad to share.

Oh my Tangerine!!!

I am done with Vista-like or iMac-like Ubuntu desktops! So here is my Ubuntu Dapper Tangerine desktop for a change...

I love the icons... plus a touch of transparent panels...

Whoa, I am using a wallpaper entitled Uplifted by marko cavka...

Transparent Gnome-Terminal with an orange-skinned XMMS. :)

Dapper at Last!

Finally, I am on Dapper! I used the Edubuntu Dapper Live CD sent to me by someone I don't even personally know... Wendy Acetes from Daly City. Wendy was the first one who offered to give me Ubuntu CDs after I pleaded thru this blog. Thanks Wendy!

Unfortunately, I accidentally scratched the CDs given by Charo when I placed them on my motorbike's compartment. Sayang!

My first impression on Dapper?! One word: FAST! Two Words: Really FAST!

I like how they were able to make it boot faster... and shutdown a lot faster too than Breezy. I also like the default theme - the colors and icons and all those stuff.

However, it seems that they streamlined it to the bare necessities so gone are the other applications you see on Breezy.

My first attempt to update my Dapper box (which I named TEQNIX after this blog) was last Monday. Although not continously, I was able to finish the download of 90 plus updated deb package this morning... including the kernel updates. I am still using dial-up, remember?!

Other applications I have installed were the following (with some help from ubuntuguide.org, automatix, and easyubuntu): Etherape, Firefox plugins (java, flash, mplayer), FrostWire, Gaim 2.0 Beta, gFTP, Gnome-PPP, Java, GnomeBaker, XPad, MS Core Fonts, MPlayer, XMMS, Simple Backup and Restore (ala System Restore), Boot-Up Manager and of course, the much-needed Audio Video Codecs... oh yes, I almost forgot Squid HTTP Proxy, Firestarter, SAMBA and DHCP3-Server which I had no problem setting up as I used the old .conf which worked like a charm.

I had no problems with NVidia Video Card, sound card, my external modem, and war-torn HP printer. No problem too with my dial-up connection setup.

As with the installation itself, its a great idea to have Live CD that has a nice GUI for the installation process but somehow I still prefer the text-based installation on *buntu install CDs. The bottomline, both are good but I prefer text-based.

So far, everything is bliss... as in heaven for me with my Edubuntu Dapper box. Oh well, mababaw lang ang kaligayahan ko eh!

Now, if only someone can give me *buntu InStALL CDs... and that's another story. :)

How do I update an internet-less Ubuntu box: a Repost!

Perhaps the fastest way to update an internet-less Ubuntu box is to bring the CPU to an internet shop, connect it to the Local Area Network with a shared internet connection and then do the “sudo apt-get update”. I guess that’s what Zak has been doing…

But in Linux, it is almost always that there are a number of ways to do things for your PC and this is my way of updating an internet-less Ubuntu box.

On an updated PC where I configured it not to delete the downloaded (and updated) deb packages located at /var/cache/apt/archives, I copy the contents of that folder to a folder on my home directory, thus:

$ sudo cp /var/cache/apt/archives/* ~/Desktop/updeb

I then burned the contents of ~/Desktop/updeb folder to a CD(s) with GnomeBaker or any CD Burning app of your preference.

Now going to the internet-less PC, copy the contents of the CD containing the updated deb packages to a folder at the home directory of the internet-less PC.

$ sudo mkdir ~/deb

$ sudo cp /media/cdrom/* ~/deb

Now go to the directory where you copied the packages

$ cd ~/deb

Do this while in the said directory to create Packages.gz:

$ sudo dpkg-scanpackages . /dev/null | gzip -9c > Packages.gz

Open and edit /etc/apt/sources.list to add the local folder as a repo…

$ sudo gedit /etc/apt/sources.list

Insert the following line at the end of the file…

deb file:/home/username/deb/. /

Save and close the file. Update and upgrade with Synaptic or at CLI!

$ sudo apt-get update

$ sudo apt-get upgrade

P.S.: Make sure you have installed the dpkg-dev package on the internet-less PC from the Ubuntu CD Installer before anything else.

$ sudo apt-get install dpkg-dev

I hope this helps!

Ubuntu Release Party!

Its Ubuntu Dapper Release Party on June 3, 2006 at 3:00 pm at the Coffee Bean and Tea Leaf at Green Belt, Makati! I may attend for pressed Ubuntu Dapper CDs maybe given away plus of course meeting fellow Ubuntites in the Philippines.

Ealden's email announcement regarding this is here.

Now where in the world is my brown shirt?!

Lazy Unmount

Have you ever had this problem of unmounting your CDROM that comes with the error that the device is busy or whatever?!

Now, what you want is to force it to unmount so you do a "sudo umount -f /media/cdrom0".

It won't work. Try to do a lazy unmount instead:

$sudo umount -l /media/cdrom0

and most of the time, it will work. :) It may also work on other devices.

Cheers!

P.S.: If everything else fails, press the CPU OFF button then pull out your CD during boot-up! Now that's lazy unmount! :)

Apt-Get Easter Egg

I was PMed by one of my students (who is now actually better than me) and asked me to do a "sudo apt-get moo" and said that "may lalabas na kalabaw". He must be kidding, right?!

Do it yourself at the terminal. :)

(__)
(oo)
/------\/
/ | ||
* /\---/ ~~ ~~
...."Have you mooed today?"...

Neat.

Dapper CD Please!!!

Dapper CD Please!!!

For the love of Ubuntu, please send me a cd of Ubuntu (or Kubuntu) Dapper (Beta is fine).

I'm still on dial-up that's why I can't download it on my own. My mailing address is at:

David T. Asuncion, Jr.
c/o Office of the Mayor
Gerona Town Hall
Pob. 3, Gerona 2302, Tarlac.

Please! Im dying to have one!

Webserver Down, I Repeat...

Aaarrrrgghhhh!!!

Our webserver for www.gerona.gov.ph is under attack by some bot that eats up our bandwidth...

That is why in only ten days, our 2 Gb bandwidth is gone.

I have to do something but I have to wait for 20 days more. Inis. I will really work hard to transfer it to Joomla or any other open source CMS.

Any suggestions?

Ubuntu Printer Sharing: a Repost

This is a re-issue of my blog post on my previous pseudo tech blog... and its my personal favorite coz it has been a "bestseller". I hope it helps!

I want to share my HP printer (old) to other computers (Ubuntu and Window$ boxes) in a LAN.

There must be some other ways to do it but this is how it worked for me (learned it with Mr. Google):

Backup your /etc/cups/cupsd.conf:

>> sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.backup

Edit /etc/cups/cupsd.conf:

>> sudo gedit /etc/cups/cupsd.conf

Delete everything in the file and replace it with the values below (replace 192.168.0* appropriately with your LAN configuration):

DefaultCharset notused
LogLevel info
Printcap /var/run/cups/printcap
User cupsys
Group lpadmin
RunAsUser Yes
Port 631
Include cupsd-browsing.conf

BrowseAddress @LOCAL
SystemGroup lpadmin

<Location />
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.0.*
</Location>

<Location /jobs>

AuthType Basic
AuthClass User
</Location>

<Location /admin>
AuthType Basic
AuthClass System
Order Deny,Allow
Deny From All
Allow From 127.0.0.1

</Location>

To enable, do a:

>> sudo /etc/init.d/cupsys restart

On the Ubuntu or Linux boxes where you want to share your printer, open to edit /etc/cups/client.conf:

>> sudo gedit /etc/cups/client.conf

And add the following:

ServerName hostname (hostname or IP of the printer server)

Once this is all setup, you should be able to go to: System -> Administration -> Printing and in the top tool bar you'll see: Global Settings You'll want to make sure the following is checked:

Detect Lan Printers

On the Windows boxes, just add the printer server as you normally do.

To make your printer browsesable in a LAN network, edit your /etc/cups/cupsd-browsing.conf:

>> sudo gedit /etc/cups/cupsd-browsing.conf

Simply replace the word "Off" with "On" (without the ""), don't worry...that file has only one line so you won't ever have difficulties finding it. I guess you have to do a "sudo /etc/init.d/cupsys restart" after this. :)

So that's it! Everybody happy printing their stuff on your HP or any other installed printer on your PC!

UPDATE: To share your printer with Windows PCs, in the add printer wizard there is a step there when you'll have to enter the following lines:

>> http://ip_address_of_server:631/printers/share_name_of_printer

Voila! That's it mama!

Bayanihan: From RPM to Deb?!

Bayanihan Linux 3.1 was my first ever Linux distro. I got my first every Linux distro CD from ASTI office wherein I also bought BL 3.1 black tshirts. I was an instant Linux fan.

It was based on Fedora Core then but it has now switched to Debian thus my excitement! Well, I have nothing against Fedora. I just felt that I will be more "at home" using the new Debian-based Bayanihan Linux as I am currently using Ubuntu Linux... where every installation is only an apt-get away. :)

The following is the annoucement post made by Rage Callao at the Philippine Linux User's Group (PLUG) mailing list, to wit:

Hello everyone,

Bayanihan Linux, a project of the Advanced Science and Technology
Institute of the Department of Science and Technology, has released
the first beta version of Bayanihan Linux 4.

This beta/testing release features:

- Debian Sarge/stable 3.1 based core
- graphical installer
- updated kernel to 2.6.16
- KDE 3.5 desktop
- OpenOffice.org 2
- Firefox 1.5
- Imendio Planner, Kile, KMyMoney2 and Scribus
- GIMP 2.2.10 and Inkscape for graphical editing
- XMMS and MPlayer for audio and video playback
- Guarddog Firewall and Synaptic Package Manager
- Smb4k browser

To download, please visit: http://bayanihan.gov.ph

We welcome suggestions that will help improve this release and
encourage everyone in the local linux community to contribute. If you
would like to participate in its ongoing development please feel free
to contact us at the below email address or visit us at:

ASTI Building, C.P. Garcia Avenue
U.P. Technology Park, Diliman
Quezon City

email: bayanihan@asti.dost.gov.ph

or call: 426-3572

Following is a preliminary to-do list for those who are interested to volunteer:
* testing/patches/bugfixes/
* a working text based installer
* government forms and permission to include these forms in BL
* wallpapers, graphics, themes
* wine tweaks for apps and games


I know this is not as big as Ubuntu but hey, this is our very own! ASTI has also released its CENTos based Bayanihan Server edition. I am already prodding my friend to download them for me. I'll keep you all posted :).