Categories
Errors Hardware Networking Software

Vodafone Mobile Connect – Incorrect Pin code

As I usually use my SIM card in my iPhone, I booted my PC, plugged in the Vodafone USB Mobile Connect modem (HAUWEI 220 or something). I then inserted, with the USB device plugged in, my SIM card, and booted up the Mac (and later on Windows) Vodafone application, to connect my PC to the Proximus 3G network.

This resulted in a constant error; “The pin code was not accepted by the mobile device“.

I of course removed the SIM card each time, and inserted it back in my iPhone, and unlocked it by inserting my code. I didn’t want to lock my SIM card, and made sure I had at least 2 good tries left each time.

As you can let the application remember the pin code, I was 100% sure it were wrong settings. The worst part, was that the application quits after prompting  that message. I reinstalled, searching in the config files, removed all *vodafone* files, tried in Windows, changed my pin code a couple of times (the default 0000 one too), updated the HAUWEI firmware, updated the Mobile Connect client software, rebooted, and when I was about to give up, it hit me like a truck. I’m from the bloody “hotswap generation”. And Vodafone sucks. Seriously. Wasted 2 hours on that. Such a waste of time, such a simple solution.

When inserting the SIM card into the device. UNPLUG THE USB MODEM. INSERT SIM. THEN, NOT BEFORE, INSERT IT IN THE DAMN PC. Start the application. Enjoy. No more dodgy error messages, the application works, and you can connect to the bloody internet.

GG Vodafone. GG hotswap.

Categories
Apple Linux Networking

OpenVPN Linux + Mac howto

A short howto, as I was unable to find any clear ones on the net.

I’m using Mac OS X (Leopard) as client, and a Gentoo server as server/host.

I both tried Viscosity and Tunnelblick on my Mac as OpenVPN software, and Viscosity is probably somewhat easier to configure (using the GUI), it was shareware. So I ended up using Tunnelblick and it seems to be doing its job quite well.

First of all, make sure Gentoo is set up and working as intended. I used my home router as VPN server (having both eth0 and eth1 (= ppp0).

Using this howto, you’ll be able to get the server up and running.

Besides the installation, and perhaps (config) file locations it should be pretty similar on other Linux distros.

As I have dnsmasq running on my server (taking care of DNS) I added the following to the server.conf:

push "dhcp-option DNS 10.0.0.1"
push "redirect-gateway def1"
client-config-dir ccd
route 10.20.30.0 255.255.255.252

Don’t forget to allow DNS requests over tun0 interface in dnsmasq.conf.

The first line tells the server to hand out 10.0.0.1 as DNS server to its connecting clients (10.0.0.1 being the internal eth0 IP of my server).

The 2nd line, tells all clients to route ALL of their traffic through the VPN. I used the VPN to access a website that allowed only Belgian IPs, and I was in The Netherlands at the time I had to access the site (Skynet’s Rock Werchter stream). So I connected through my server at home.

And the 3rd and 4th line are needed if the client access the VPN is on a private IP subnet (like being connected on a WiFi router, using IP 192.168.178.x).

You’ll have to add, in the client-config directory a file per username connecting to the VPN with something similar to this:

iroute 192.168.178.0 255.255.255.0

I’m not entirely sure if you can add multiple iroutes; something I’ll have to figure out when being on a different network.

This is what my client config looks like (vpn-server-name.conf, located in ~/Library/openvpn/):

client
dev tun
proto udp
remote home.tiete.be 9000
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1200
persist-key
persist-tun
ca "ca.crt"
cert "yeri.crt"
key "yeri.key"
tls-auth "ta.key" 1
comp-lzo
verb 3

Yeri being my username. Don’t forget to download and add the ca.crt, user.crt, user.key (located in /usr/share/openvpn/easy-rsa/keys/) and ta.key (located in /etc/openvpn/) you’ve created on the server.

If your client asks for “directions”, pick 1.

Start up server and client software.

Hitting connect in Tunnelblick should connect you to the VPN server, and (in my case) giving me an IP similar to 10.20.30.6. You can check this using “ifconfig” in Terminal.

Client:

tun0: flags=8851 mtu 1500
	inet 10.20.30.6 --> 10.20.30.5 netmask 0xffffffff
	open (pid 20551)

Server:

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.20.30.1  P-t-P:10.20.30.2  Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
RX packets:407595 errors:0 dropped:0 overruns:0 frame:0
TX packets:574351 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:27473209 (26.2 MiB)  TX bytes:603524377 (575.5 MiB)

Don’t forget; when using “tun” as driver, your gateway/VPN server will always have the IP ending on .1 (e.g.: 10.20.30.1).

Now, if you want to route all traffic throug the VPN, like I did, you’ll have to change some stuff in iptables (as the server is also acting as my home router, I already did have a few rules in it).

Allow all traffic through tun0 interface:

iptables -A OUTPUT -o tun0 -j ACCEPT
iptables -A INPUT -i tun0 -j ACCEPT

Allow traffic through the external port 9000 (UDP):

iptables -A INPUT -i ppp0 -p udp -m udp --dport 9000 -j ACCEPT

Enable forwarding and NAT:

iptables -A FORWARD -s 10.20.30.0/24 -i tun0 -j ACCEPT
iptables -A FORWARD -d 10.20.30.0/24 -i ppp0 -j ACCEPT
iptables -A POSTROUTING -o ppp0 -j MASQUERADE

And lastly, as I have Squid running on my server, I want to transparently forward all port 80 requests to the Squid server running on port 8080:

iptables -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

That’s about it. You should have a running VPN from your current location to your VPN server. And you’re able to use it as a gateway.

You can always traceroute/tracepath to your VPN server (10.20.30.1). It should only find one hop.

Categories
Errors Linux Misc Networking Software

Imap/Gmail mark as read

I’ve “updated” my previous php-app.

Since today I ended up getting this error:

Warning: imap_open(): Couldn't open stream {imap.gmail.com:993/imap/ssl}[Google Mail]/Spam in /home/yeri/.gmail.php on line 30
Certificate failure for imap.gmail.com: unable to get local issuer certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com - Connection failed.

Simply searching this line:

$open = imap_open ("{imap.gmail.com:993/imap/ssl/}$path"

And editing it to:

$open = imap_open ("{imap.gmail.com:993/imap/ssl/novalidate-cert}$path"

Solves the problem.

This will ignore the Google certificate. Please do double check that imap.google.com really points to Google, and it’s not some kind of DNS issue.

I’ve updated the 1st version, that ignores the certificate.

Categories
Errors Linux Misc Networking Software

Gmail automatic “mark (spam) as read”

I hate having unread mail. I hate having spam. And most of all, I hate spam that asks for attention.

When receiving spam in Gmail, you get the annoying bold Spam (12353434) with ‘12353434’ being the number of unread spam messages.

With the introduction of Gmail Labs I’d hope to see an “automaticly mark spam message as seen” feature, which, well, I haven’t found yet.

Being tired of all these increasing spam numbers, and my daily efforts to “select all unread + mark as read”, I ended up writing a small PHP file which connects to the Gmail (using IMAP, so I asume you’ll need IMAP enabled in your settings..) and marks all spam messages as read. Running this script locally with a curl or cron every X time will solve most of your problems, I hope.

Download the file here (phps) or here (txt).

Or just copy paste it!

< ?php
/*
Gmail "spam mark-as-read"
 
by Tuinslak
www.tuinslak.be
 
v0.01 :: 26/08/2008 . init php codez
*/
 
// Config starts here
 
// Gmail user &amp; pass
$user = "YOU";
$pass = "hiddensecretz";
 
// Debugging - Outputs a list of mailboxes and status on the imap server (1/0)
$listmailbox = 0;
 
// Advanced config :o
 
// "Path" of the (spam) mailbox and/or its name.
// default should be ok with Gmail.
$path = "[Google Mail]/Spam";
 
// End of config
 
$open = imap_open ("{imap.gmail.com:993/imap/ssl}$path", $user, $pass, "", 1) or die(imap_last_error() . "
 
Connection failed.");
 
// debug
if($listmailbox) {
        echo "<strong>Mailboxes:";
        $folders = imap_listmailbox($open,  "{  Gmail  }", "*");
 
        if ($folders == false) {
                echo "Call failed\n";
        } else {
                foreach ($folders as $val) {
                        echo $val . "\n";
                }
        }
 
        echo "</strong><strong>Status</strong>:";
        $status = imap_status($open, "{imap.gmail.com}$path", SA_ALL);
        if ($status) {
                echo "Messages:   " . $status-&gt;messages    . "\n";
                echo "Recent:     " . $status-&gt;recent      . "\n";
                echo "Unseen:     " . $status-&gt;unseen      . "\n";
                echo "UIDnext:    " . $status-&gt;uidnext     . "\n";
                echo "UIDvalidity:" . $status-&gt;uidvalidity . "\n";
        } else {
                echo "imap_status failed: " . imap_last_error() . "\n";
        }
}
 
// Mark as read
$search = imap_search($open, 'UNSEEN');
// print out the array containing $search info
//print_r($search);
 
for ($i = 0; $i &lt; sizeof($search); $i++) {
        $read = imap_setflag_full($open, $search[$i], '\\Seen');
}
 
// and close it down !
imap_close($open);
 
// EOF
?>

If you plan to execute it from shell, don’t forget to add a shebang “#!/usr/bin/php” on line 1 and chmod +x gmail_spamreader.php.

Edit: Please add a comment if you’re using it, just for statistics. 🙂

Categories
Networking

3G Networking

Found a really cool blog post on Twitter yesterday night; really worth the time to read and to understand how 3G is actually working.