Category: Tech Notes

Posted on

Ensuring all traffic goes over an OpenVPN connection

By default, the setup guide described here if you follow the simple server and simple client setup instructions will get you a connection to your VPN server that allows you to tunnel connections through to your VPN server itself, but without any additional settings, you won’t be able to route all your traffic through the VPN.

There’s a number of other steps described in the Advanced section, but from trial and error I’ve found these are the minimum you need.

First, on your Ubuntu server, you need to enable ip_forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

Next, you need to enable a forwarding rule for your iptables firewall so that traffic on your 10.8.0.0 network used (by default) on your VPN connection gets routed through from the tun0 interface to the eth0 interface:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Lastly, add this command to your /etc/openvpn/server.conf file to force all traffic from the client to get directed to the VPN server:

push "redirect-gateway def1 bypass-dhcp"

Restart your OpenVPN service:

/etc/init.d/openvpn restart

Now you should be good. You can test where your traffic is going by doing a traceroute to a server (www.google.com for example) before and after starting your OpenVPN connection and you should be able to see your traffic going via two different routes.

Posted on

Setting up your own VPN server on Ubuntu Server

There’s a few steps involved to get this working, but this article covers all you need to get a VPN server running on Ubuntu:

https://help.ubuntu.com/12.04/serverguide/openvpn.html

 

To configure a Windows VPN client, I used the OpenVPN windows client, but removed these sections from the example client config file based on other article posts related to some errors I was getting. First, removing these lines removed the userid/password prompting which I didn’t need because I was using certificates:

auth-user-pass
auth-retry interact

Then this section was causing the client to hang during extablishing the connection – removing these lines got it working for me:

management 127.0.0.1 1194
management-hold
management-query-passwords
Posted on

Executing multiple commands with sudo

Some commands won’t execute under sudo (e.g. source on Ubuntu), so to execute these commands, or to execute many commands, use ‘sudo -s’ to get a shell session as the root user, then everything you execute after that point until you exit will be under sudo.

Posted on

Would Jobs have released the iPhone 5?

Given the amount of issues that new iPhone 5 users are having with their new phones, I don’t believe Jobs would have let the new iPhone in it’s current state go out to stores. It’s just not ready. Sure, all new products have teething issues, but the iPhone 5 right now seems to have more than it’s share.

The new Apple Maps app is clearly not ready for primetime. Not only should it have a beta banner across the screen, it should also have a warning flashing on the screen every time you open the app: “Caution! Do not use for real world navigation! Maps shown by this application are for entertainment purposes only!”.

The Amazing iOS 6 Maps has some of the best screenshots so far. Some are just incredible, they’re almost art forms in their own right. Someone could had painted these scenes and put them on display in a gallery… and made good money from them too. Here’s some of my favorites:

It’s almost too easy to make fun of the hilarious screenshots right now because there’s just too many funny examples.

And not too mention the list of other issues that are coming up – CNET has a list of reported issues right now, including:

Needless to say, I’m pretty sure Jobs would not have let this product go out the door. Sure, the issue will get resolved in time, but this product is not currently worthy of it’s Apple logo.

Proudly powered by WordPress