Transparent Proxy on Linux using redsocks

  Adapted form    http://pritambaral.com/2012/04/transparent-proxy-on-linux/ 

This post is targeted at those Linux users behind a network proxy   but cannot set it in an app, or are just plain lazy to go about telling every app to use a proxy. I’ll give a quick rundown of the instructions for those in haste, with geeky details following towards the end. I’m assuming a fairly recent distro here, and I’m targeting the Ubuntu 12.04 release.

What we’ll need:

• A Linux OS (obviously!)
• redsocks (an app, check in your repos, or compile it yourself)
• a text-editor

 On Ubuntu, we have another package that we’ll need, iptables-persistent. But before we install it, let’s set some rules (iptables rules.) Don’t worry, it’s nothing but a bunch a lines in a text file.

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -d 10.0.0.0/8 -j RETURN
-A OUTPUT -d 127.0.0.0/8 -j RETURN
-A OUTPUT -d 192.168.0.0/16 -j RETURN
-A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:5123
-A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 127.0.0.1:5124
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:5123
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 127.0.0.1:5124
COMMIT

I saved it as redirect.rules and ran this command:

sudo iptables-restore ./redirect.rules

Now we shall install the package iptables-persitent. During the installation, it will ask you whether you want to save the current rules. Yes, you do. The redirection’s been set-up. Time to get the juicer running.
Install redsocks (if you haven’t already.) Save this in the file /etc/redsocks.conf

base {
 log_debug = off;

 log_info = off;

 log = "stderr";

 daemon = on;

 user = redsocks;
 group = redsocks;

 redirector = iptables;
}

redsocks {
 /* `local_ip' defaults to 127.0.0.1 for security reasons,
 * use 0.0.0.0 if you want to listen on every interface.
 * `local_*' are used as port to redirect to.
 */
 local_ip = 127.0.0.1;
 local_port = 5123;

// `ip' and `port' are IP and tcp-port of proxy-server
 ip = 10.201.13.50;
 port = 80;

// known types: socks4, socks5, http-connect, http-relay
 type = http-relay;

login = "LDAP ID HERE";
 password = "LDAP PASSWORD HERE";
}

redsocks {
 local_ip = 127.0.0.1;
 local_port = 5124;

ip = 10.201.13.50;
 port = 80;

type = http-connect;

login = "LDAP ID HERE TOO";
 password = "LDAP PASSWORD HERE TOO";
}

Make sure you feed your own LDAP IDs and passwords. AT BOTH LOCATIONS. Feed your password as-it-is, no matter what special character it has. (Unless, of course, it’s a double-quote itself! Bit of a soup there.)
Now either restart your system, or run sudo service redsocks start
Voila! You have the ultimate solution to proxy! You may (or may-not) set a proxy in Gnome, Firefox, wget, gedit, whatever; it will work. This will not interfere with what you have set in Chrome/Firefox/whatever. In fact, I recommend that you explicitly set a proxy wherever you can. You see, redsocks has a knack of getting in a bundle sometimes (too many pending requests…,) in which case, a simple sudo service redsocks restart should suffice.

This also “fixes” those apps which provide no method of setting a proxy whatsoever, e.g, Gwibber. Sadly, unsupported protocols still won’t work. Sorry, no Thunderbird, no torrents, no irc.
PS: This is the exact same method used by the Android app ProxyDroid to provide system-wide proxy on rooted Android devices.

How to restore missing gnome panel

Open a terminal and try

$gconftool --recursive-unset /apps/panel && killall gnome-panel

How to Convert MTS to AVI in Linux

Try this

 $  ffmpeg -i InputFile.MTS -vcodec libxvid -b 18000k -acodec libmp3lame -ac 2-ab 320k -deinterlace -s 1440x1080 OutputFile.AVI

Setting up a NIS slave server

This note explains how to setup a nis slave server. It is assumed that you have a NIS server running .

  Setup
       Existing NIS server  named  mahalanobis  on 10.107.35.1
       The slave  server is to be set up  is named  gauss on 10.107.35.6

Install ubuntu 10. 04 Lucid on  gauss  10.107.35.6. Setup the network interface and make sure that it works as a standalone machine.


Install NIS software on Gauss

 # apt-get install   portmap nis

Setup the slave as a NIS client

 Edit /etc/yp.conf  and add

ypserver 127.0.0.1
Edit  /etc/hosts on master ( Mahalanobis) and add an entry for slave 
 
10.107.35.6    gauss
Edit  /etc/hosts on  slave ( Gauss) and add an entry for master 
10.107.35.6     mahalanobis

 
Log on to the master server. Add the slave server to the master 
server's database map by editing the /var/yp/ypservers file on the 
master.
 # File: /var/yp/ypservers
mahalanobis
  gauss
 
The make file in the /var/yp directory defines how the NIS server will 
build the database map and how the master will relate to the NIS slave. 
Edit the make file to allow the master to push maps to the slave.


# File: /var/vp/Makefile
 
# Allow the master to do database pushes to the slave
#
NOPUSH=false

Run make command. (You must be in /var/yp )

Iniitialise slave database 
#  /usr/lib/yp/ypinit -s  mahalanobis

On   slave ( gauss) edit /etc/defaults/nis ) Change  the flag NISSERVER to slave

  # /etc/defaults/nis    Configuration settings for the NIS daemons.
#

# Are we a NIS server and if so what kind (values: false, slave, master)?
NISSERVER=slave


Restart   nis services on  slave

  #/etc/init.d/nis restart


Testing

   On a client machine which is being authenticated by the master edit /etc/yp.conf  and change the  ypserv  entry to point to the new slave machine.
Restart nis on that client machine and see if you are able to login.

Mount Ext4 partitios in Windows

Ubuntu partitions are incompatible with Windows, we can not read and write to them  from widows. Ext4 partitions can be read  from windows if you install a simple utility in Windows.
 Download ext2fsd from

  

http://sourceforge.net/projects/ext2fsd/files/Ext2fsd/0.51/

 Find out  Ext2Fsd-0.51.exe from the above site and install it. The following screen shots are self explanatory.

how to clone ubuntu installation

Here is a quick way to  build an exactly similar  ubuntu installation on another computer.

Run
$ dpkg --get-selections >my_pakages

on the machine that you want to clone. Install a clean copy of Ubuntu on the target machine. Copy the file my_packages to the target machine.
Run the following command on the target machine.
$  sudo dpkg --set-selections < ./package_names
$  sudo apt-get -u dselect-upgrade

 Done.

SSH Login Without Password

For this you required to generate your own personal set of private/public pair. ssh-keygen is used to generate that key pair for you.

On the user’s home directory, on the localhost, type

[local-host]$ ssh-keygen -t dsa

This will ask you a passphrase. A passphrase is a sequence of words or other text used to control access to a computer system, program or data. A passphrase is similar to a password in usage, but is generally longer for added security. Once entered the passphrase you will be prompted to enter the same passphrase again for confirmation.

The private key was saved in .ssh/id_dsa and the public key .ssh/id_dsa.pub.
Now, copy the public key to the remote machine

[local-host]$ ssh-copy-id -i ~/.ssh/id_dsa.pub user@remotehost

or if you don’t have ssh-copy-id script installed use

[local-host]$ cat ~/.ssh/id_dsa.pub | ssh user@remotehost "cat - >> ~/.ssh/authorized_keys"

Now on the localhost machine, on GNOME select System > Preferences > Sessions.
Select Startup Programs and add a new entry with this command.

eval `ssh-agent`

ssh-agent is a program that used together with OpenSSH or similar ssh programs provides a secure way of storing the passphrase of the private key.

Open terminal and run ssh-add without any arguments, it will ask your passphrase once.
ssh-add adds identities to the authentication agent, ssh-agent.

[local-host]$ ssh-add

Enter passphrase for /home/vinod/.ssh/id_dsa:
Identity added: /home/you/.ssh/id_dsa (/home/you/.ssh/id_dsa)
That’s it, now login to remote server it will not ask any password or passphrase.

NB: No one else must see the content of .ssh/id_dsa, as it is used to decrypt all correspondence encrypted with the public key.

Childsplay for kids

 Childsplay is a collection of educational activities for young children and runs on Windows, OSX, and Linux. It can be used at home, kindergartens and pre-schools. Childsplay is a fun and save way to let young children use the computer and at the same time teach them a little math, letters of the alphabets, spelling, eye-hand coordination etc.

Childsplay is part of the schoolsplay.org project

Childsplay includes the following games:
 * Numbers - Put the correct operator between two numbers.
 * SoundNpic - A toy for young children with pictures and sounds.
 * Packid - A pac-man game, try to catch the letters.
 * Soundmemory - The classic memory game, with sounds.
 * Fallingletter - Type them before the reach the ground.
 * Findsound - Listen to a sound and find the image to which it belongs
 * Findsound2 - The same as findsound, now with numbers and letters.
 * Pong - The classic game, play alone or against another child.
 * Billiards - Try to shoot the balls into the hole.

Childsplay installation:
  On ubuntu  open a terminal and type

sudo apt-get install childsplay

After installation you can open childsplay from Applications > Education > Childsplay

How to recover deleted files in Ubuntu/Linux

When a file is deleted, only the pointer to the file is overwritten and the original file will still reside in the blocks of the storage device and will be kept there until it is overwritten by another file. In a sense, you can always write a file but you can never delete it. So if you have ever faced the dilemma of trying to recover a deleted file in Ubuntu then look no further. Linux offers a wide range of tools for recovering deleted files. These tools work by retrieving the pointer to the deleted files.

The chief among the recovery tools would be Scalpel. Scalpel is a platform independent command based tool which is small yet very powerful. You can install the latest version of Scalpel (version 2.0) by doing a simple

sudo apt-get install scalpel 

in the terminal.

After installation you need to go to the configuration file of scalpel which resides in

/etc/scalpel/scalpel.conf

Using an editor like gedit open the scalpel.conf file using the command.

sudo gedit /etc/scalpel/scalpel.conf

You will notice that that all the lines in the file are preceded by a comment (#) symbol. Remove the # symbol preceding the file you want to recover.

sudo scalpel "device name/Directoryname/file name" -o "output directory"

The output directory is the directory where you want to restore your deleted files. It should be empty before running the command, otherwise you will get an error. You can also input the deleted filename directly by using -i option.

Lubuntu Desktop on Natty

 If you don't like the default unity desktop , there are several alternative desktops available for Natty. Lubuntu from the LXDE project is one of my favorites.

Lubuntu is a faster, more lightweight and energy saving variant of Ubuntu based on LXDE desktop, the Lightweight X11 Desktop Environment.

• Install Lubuntu in Ubuntu 11.04 by doing the following in Terminal.

sudo apt-get install lubuntu-desktop

• Done. Lubuntu desktop will now be available within your Ubuntu GDM login window as a different session already.

QR code on ubuntu

A QR Code (it stands for "Quick Response") is a mobile phone readable barcode.simply encode a URL into the QR Code and then point a mobile phone (or other camera-enabled mobile) at it. If the device has had QR Code decoding software installed on it, it will fire up its browser and go straight to that URL.

But it doesn't stop there - a QR Code can also contain a phone number, an SMS message  VCard data or just plain alphanumeric text, and the will respond by opening up the correct application to handle the encoded data appropriately courtesy of the FNC1 Application Identifiers that are embedded in the encoded data.

The technical specifications for a QR Code are set down in the ISO-18004 standard so they are the same all over the world, and the only significant variations from one QR code to another (apart from the data it contains) is the number of modules required to store the data.

To make things a bit more robust, the QR Code also contains its own error correction data, internal orientation calibration and self-alignment markers. In this way it doesn't matter whether the QR code is upside down or wrapped around a curved surface, the message will still get through.

You can easily generate QR Code under Ubuntu for this you need to install 'qrencode’ package. In Ubuntu, you can install qrencode using this command:

apt-get install qrencode

Go to terminal and type folloing command to generate QR code image:

qrencode -l L -v 1 -o unixlab.png "http://unixlab.blogspot.com"

Zorin Splash Manager

Zorin Splash Manager  is a cool application with which you can change the  theme  of Ubuntu desktop. The screen shot of the GUI is given below.

  Basically,   Zorin Splash Screen Manager is an application  made for Zorin OS project, a Linux distro based on Ubuntu. It offers the following features.

•  You can install , remove and change the plymouth theme. Here are some additional screen shots on its usage.

How  to install   Zorin Splash Screen Manager

• Download Zorin Splash Screen Manager DEB Package

 
     You can install the deb package  from the command line  or   you just double click of the deb package from nautilus ( this will launch gdeb-gtk)
 

 

Installing android on ubuntu

Here is a small tutorial on developing android apps on ubuntu platform.

 The article has step by step instructions and lots of screen shots.
http://ieffects.blogspot.com/2011/05/android-and-ubuntu-everything.html