I found some info on Google searches to get Windows 7 to join a Samba domain controller.  I have Ubuntu 9.04 Jaunty which runs Samba 3.3.2, which I guess does not work.  You need 3.3.4.   Windows 7 needs a registry change:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
“DomainCompatibilityMode”=dword:00000001
“DNSNameResolutionRequired”=dword:00000000

The above need to be added to allow the join to work.  Then find the key below and set those values to 0.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
“RequireSignOnSeal”=dword:00000000
“RequireStrongKey”=dword:00000000

The Netlogon values need to be updated, or Windows 7 will not allow domain logons.  You’ll get an error about credentials and no domain controller, or something like it.  Adding the second two will allow the logon.

Adding the registry keys above, plus upgrading Samba, did the trick.  I was able to join Windows 7 to Samba 3.3.4, but I did get a weird error about the DNS suffix being wrong.  I just said OK and left it.  I tried to change it several times after, too, but always get the same error.  System working fine so far though!

As for upgrading Samba, you’ll have to Google that one.  But here’s what I did, in a nutshell. (This is NOT a HOWTO, just a record of my experience, so if you follow this, it might break your system. Just be warned.  A Samba Server book might be nice for more information.)  I had a working domain controller, so I had a SAM database already with SID’s and passwords.  I didn’t want to lose those.  After backing up my server and Samba configs (including all the tdb files) I removed Samba 3.3.2 package from Ubuntu.  Then I downloaded the Samba source tar.gz for version 3.3.4, unpacked and “./configure” and then compiled. (make && make install)

At this point I found all my tdb files and copied them into the default Samba installation, which was different than the Ubuntu package.  I think the original tdb files from Ubuntu are in /var/lib/samba.  I copied all that to /usr/local/samba/var/lock. (the default when compiling from source)  I also setup a link from the original smb.conf in /etc/samba to /usr/local/samba/lib/smb.conf.

Now I’ve got my Windows 7 system logged in and joined to my Samba domain!

Just wanted to add a quick note about this as I couldn’t find a reason why dynamic DNS on my Ubuntu 9.04 system were failing. I had all the right perms, ownership, etc. I even opened up the files to full world writable and still, I got errors that the journal files could not be written to.

Log snippets:

error: journal open failed: unexpected error

jnl: create: permission denied

Learning as I go… there’s a thing in Ubuntu called Apparmor. Never even heard of this. This is what was keeping the files from being written to by the bind daemon.  I guess Apparmor has been in this for a while now, but for several yeas now, I have not run into a situation where I had to mess with it.

Here’s what you change.  And keep in mind, this is NOT the correct way to handle this on a production or public DNS server.  You’ll need to read up more on the correct config for this one.  But on my tiny LAN or at home, here’s what I did.  In the /etc/apparmor.d directory, edit the usr.sbin.named file.  Find the line:

/etc/bind/** r,

Change it to:

/etc/bind/** rw,

Then restart the apparmord daemon.  If your DDNS config in Bind and DHCP are correct, you should start seeing successful updates now.

Here’s a coulple links that were helpful on the DDNS setup:

http://brunogirin.blogspot.com/2007/11/dhcp-and-dynamic-dns-on-ubuntu-server.html
http://ubuntuforums.org/showthread.php?t=274665
http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.html

Also, I wanted to make a note to myself. Creating a new key for DDNS:

dnssec-keygen -a HMAC-MD5 -b 128 -n HOST dhcp-update-key

That creates keyfiles in which you’ll get your key string, this is added in your dhcpd.conf and named.conf.* files as “secret”.   RTFM dnssec-keygen. and read up on the links above. :)

I love how people always say that a software firewall like IPCop is a “lesser” product than a hardware system. I ran into one site speaking of Netsentron as a hardware solution. I’d also include Endian Firewall and Untangle when we talk about a “linux based hardware firewall”. Well here’s my thought. These systems offer a hardware solution, but aren’t these products really the same thing as the downloaded software version they provide? And if so, these products are really only a “hardware/software bundle”, right? (I think they actually advertise them this way anyway, but my gripe is with all those techs out there under the notion that these are real hardware based products.)

I can’t comment on any Cisco or Sonicwall, hardware firewalls, because I have not used any of them. But are these also just software running on hardware? And the main thing I’ve heard from security people about the lesser quality software products is that they are not good at defending against DOS attacks. Is this really true? Even if so, in the last 10 years I’ve ran some sort of Linux based firewall, whether home-brewed or special firewall distribution, I’ve not once had a break in. I’ve not once had a DOD attack. (THIS IS NOT AN INVITATION!)

Now, I have had a DOD attack directly on and Exchange or IIS server that was port forwarded directly to the Internet. Not pretty! Which is a big reason why I don’t run these systems directly anymore. But this is off topic. (maybe another blog coming!)

I’ll do some of my own research, but maybe if someone out there can shed some light on the deficiencies of a Linux firewall, in particular IPCop or Smoothwall. For my use, IPCop with a few addons, make for a fantastic filtering firewall, provided we pick good hardware to run it, and configure it properly. Is Sonicwall truly better at providing security?

Ah, just thinking out loud again. I am sure someone out there will give me hell for saying things like this. I am not a security expert, not even close. But, sometimes I just wonder about thing.

EDIT 03/08/2010 ::

Since I wrote this article, I’ve since switched to PFSense as my firewall of choice.  It does way more and better than I could do with IpCop. (still like IPcop though!)  PFsense is a FreeBSD based solution.  It can handle multiple WAN connections, can add several interfaces all with IP aliases, and has all the “lock down” rules in place from the start.  Not to mention, there are plugins that make tracking down traffic issues much easier.  I LOVE IT!

The only gripe I might have is in the complexity of the traffic shaper, although, I could actually use it as opposed to trying to figure out the Linux way. (which I never did figure out.)

Having said all that, my original point of the post is still standing.  Who cares if you have a Sonicwall or Pix?  Are they truly more secure?  Are they not also just software running on hardware, making them really just “embedded apps” or a sort?  I think PFSense can run embedded, right?  (Which really just translates to, “I can run this on a flash media drive and on a tiny little computer.”)  So yes, I still need to research this on my own, but I really don’t get what is better about those expensive solutions.  I’d rather have PFSense, or similar, on generic hardware that can be swapped and troubleshooted easier.  Just my opinion.

First thing, when you clone your Linux hard drive with Ghost or Drive Image (or any other imaging software) you might not be able to load Grub. Usually just running some Grub commands off a Linux System Rescue CD will fix it. I think most any bootable Linux Live CD will work. You would run these commands:

After boot, run “grub”. (the following lines are from the “grub>” prompt.)

……………………

find /boot/grub/stage1

    (hd0,0)

root (hd0,0)

setup (hd0)

quit

……………………

You would replace “root (hd0,0)” with whatever is output from the find command above. The above assumes you have /boot on the same root partition.

On IPCop, boot is on a separate partition. So you need to be a little fancier. The key is to tell it what device to use. In the example below, we will assume we know what drive the boot record is on. (hd0,0). Also note, that IPCop because IPCop has boot on a separate partition, running the find command would be like so:

find /grub/stage1

Ok, so using the device command, and since we know our root is on hd0 …
(all on the grub prompt)

……………………

device (hd0) /dev/hda

root (hd0,0)

setup (hd0)

quit

……………………

Now grub should load ok. This would apply to most images/clones made, I think. But, now, what if your distro uses symlinks to represent your hard drives? I ask, because this stopped me from running IPCop off an image. Took me a while to realize two things.

1. IpCop uses symlinks for /dev/harddisk instead of /dev/hda. (Can someone tell me why they do that? Why change that? Every other Linux distro I have used uses /dev/hda1 for the first partition on IDE drive.)
2. When I cloned the system, the grub.conf (also known as menu.lst on other systems) listed the root filesystem as /dev/hda4, and yet, there was no hda4 in dev directory. It didn’t even exist on the old drive, so I have no idea how IpCop was booting!

Solution to #2 above was again to boot to a Linux Live CD, mount the boot partition on hda1, edit grub.conf and change all the /dev/hda4 entries to /dev/hda3, where the root filesystem actually resided.

On number #1 above, I don’t think fixing it actually caused the system to boot, but I did it anyway. While booted to the Live CD, I edited the /etc/fstab file on the hard drive and changed all the entries for /dev/harddisk1 through 3, to point to /dev/hda1 through 3. There is probably a reason for them doing this, but ya got me why. ?? Changing this might bite me it the butt some day, but for now, it boots beautifully!

Oh, and one might ask, why make a drive image of IPCop when they provide a backup and restore feature using floppy? Well, here’s why: 1. I have a ton of add-on programs installed, and they don’t backup. 2. I like an image better than a floppy!

IpCop is an awesome system, and I’ve had zero problems with it over many years now. But, it doesn’t do enough by itself. I mostly like the BlockOutTraffic addon you can install, giving you detailed control over all communication. I also modify the SSH setup to work the way I like it, using certificate auth and custom ports for several users tunneling into our networks. (works way better than VPN!) On some networks, I have to use PopTOP, the PPTP addon for Ipcop VPN. (not by my choice, it’s a requirement by an application we use.) All these might not backup to a floppy, and it’s so fast to make a Ghost image of the drive. You just have to spend a few extra minutes during restore.

Note: I was using IPCop 1.4.16 during all this.

EDIT 10/22 (later that evening…)

For IPCop, YOU MUST boot to an existing drive on /dev/hda that contains a working copy of IPCop and have your newly cloned drive operational as /dev/hdc. When you run grub, and then all the device, root and setup commands, you need to do it like so.

……………………

device (hd0) /dev/hdc

root (hd0,0)

setup (hd0)

quit

……………………

Notice the /dev/hdc above? Don’t ask me why, but when you try to run this from a Live CD, it won’t work. I really would like to know though, because the fact that it doesn’t work drives me nuts. There must be a simple explanation, and I know it’s just my ignorance of the grub boot loader, but this shouldn’t be needed. (and yet it is!) I just don’t have time to figure it out, when I can simply boot an IPCop as hda and run this quickly. Sometimes it is easier to not ask why, and move on. So make a note of this, YOU MUST boot to and IPCop OS with your new drive installed, then run the grub setup. Stupid, but at least it works.

I fought with this one for a while, like several hours. I installed the pptp addon for IPCop, which, by the way, you must Google for. I installed version 0.2.9 (pptpd_0.2.9.tar.gz) and found that on a forum somewhere. If you go to the addon’s from IPCop, you will only find 0.2.6, and that wont work with 1.4.13 or higher. (I might have that version a bit off, but I think that’s right) So Google for that file and you should find the file and ftp server IP. I don’t want to provide that, because I don’t have permission to do so.

Anyway, back to the problem. The pptp addon installed just fine on IPCop, and the admin web gui showed the correct items. I could not, however, get Windows to connect. I always got a 619 error, like that is helpful! On the IPCop /var/log/messages, I found this:
pptpd[5740]: GRE: read(fd=5,buffer=804dc00,len=8196) from PTY failed: status = -1 error = Input/output error

You can see the details on the pptpclient help page:

http://pptpclient.sourceforge.net/howto-diagnosis.phtml#read_eproto

I didn’t know how to do their troubleshooting, especially on IPCop. But then it occurred to me, find pppd, and ask it for help!

I ran this: /opt/pptp/sbin/pppd –help
Returned: /opt/pptp/sbin/pppd: error while loading shared libraries: libpcap.so.0.8.3: cannot open shared object file: No such file or directory

Ah-HA!!!

Run this on IPCop 1.4.15 while in the /usr/lib directory: ln -s libpcap.so.0.9.5 libpcap.so.0.8.3

BINGO! Windows can connect! From Vista no less!

Oh, and I know that PPTP is not the best as far as security goes, but it is the only thing I can use. I am running several Wifi Palm devices with a PPTP client on them for Hotsyncing on the Internet. I realize there is another product available that uses IPSec, but that is quite expensive per device. Plus that solution might run into a lot more hassle for the users while on the road trying to connect over hotspots, because IPSec may be blocked. PPTP is just more compatible. I’d really prefer to have an SSL based VPN on the Palm, but I don’t know of one available. So, for now, I’ll at least suffer with PPTP instead of opening my hotsync up to the world. Not perfect, but I can lock down the connection with IPcop too. (sounds like another blog… J )

Gregs Uberfast version:

Linux:

openssl genrsa -des3 -out CA.key 1024
openssl req -new -key CA.key -x509 -days 3650 -out CA.crt
chmod 400 CA.key
chmod 400 CA.crt

(the above made a new CA, you want to install the crt into IE’s trusted certs.)

Win:

Make cert request in IIS – take to Lin.

Linux:

(All one line)
openssl x509 -req -days 3650 -in certreq.txt -CA CA.crt
-CAkey CA.key -CAcreateserial -out mail.server.crt

Win:

Take that mail.server.crt and install in IIS. People browsing yoru site will get a “not valid CA” type error, especially in IE7, and they’ll need to accept that. Otherwise, you need to buy a real cert. If it’s only your users on the site, then just have them install the CA.crt into IE, as then they will trust the authority/key from the web server. Every user will need to do that.

Statically/manually define/set duplex on linux network card
Use mii-tool or ethtool

//////////////////////////////

A Note About Duplex Settings

By default, Linux NICs negotiate their speed and duplex settings
with the switch. This is done by exchanging electronic signals
called Fast Link Pulses (FLP). When the speed and duplex are forced
to a particular setting the FLPs are not sent. When a NIC is in
auto-negotiation mode and detects a healthy, viable link but receives
no FLPs, it errs on the side of caution and sets its duplex to
half-duplex and sometimes it will also set its speed to the lowest
configurable value. It is therefore possible to force a switch port to
100 Mbps full duplex, but have the auto-negotiating server NIC set
itself to 100Mbps half-duplex which will result in errors. The same is
true for the switch if the switch port is set to auto-negotiate and
server NIC is set to 100 Mbps full duplex. It is best to either force
both the switch port and server NIC to either auto-negotiate or
the same forced speed and duplex values.

//////////////////////////////

//////////////////////////////// mii-tool

/////////////////////////////////////////////////////////////

[root@bigboy tmp]# mii-tool
SIOCGMIIPHY on ‘eth0′ failed: Operation not supported
eth1: 100 Mbit, half duplex, link ok
[root@bigboy tmp]#

[root@bigboy tmp]# mii-tool -v
eth1: negotiated 100baseTx-FD, link ok
product info: vendor 00:10:18, model 33 rev 2
basic mode:   autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
[root@bigboy tmp]#

mii-tool -F 100baseTx-FD eth0

//////////////////////////////// Ethtool

/////////////////////////////////////////////////////////////

[root@bigboy tmp]# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes:   10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes:  10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: No
Speed: 100Mb/s
Duplex: Full
Port: MII
PHYAD: 1
Transceiver: internal
Auto-negotiation: off
Supports Wake-on: g
Wake-on: g
Current message level: 0×00000007 (7)
Link detected: yes
[root@bigboy tmp]#

#
# File: /etc/sysconfig/network-scripts/ifcfg-eth0
#
DEVICE=eth0
IPADDR=192.168.1.100
NETMASK=255.255.255.0
BOOTPROTO=static
ONBOOT=yes
ETHTOOL_OPTS=”speed 100 duplex full autoneg off”

////////////////////// or
ethtool -s eth1 speed 100 duplex full autoneg off

Uber quick howto:  (based on Debian)
1. Make sure ssh, rsync and sudo are installed and working.
2. Add a user account,  on remote system.
2.a Add a certificate with openssl or ssh-keygen (look that up elsewhere)
2.b Make sure the cert is unencrypted with no password. Yes,  that is a slight security concern, HOWEVER, if you are very careful to secure that private key, you are ok.  In other words, don’t share it or let it out!
2.c Add your public key to your new users /home/username/.ssh/authorized_keys file.  (how to’s for this stuff are on the web)
2.d Test this user’s login and make sure it logs you in from your local machine.
3.  Now, this new user is unprivileged, so you need to use sudo for running the remote rsync command.  Add this to your remote machine /etc/sudoers file:

 nameofnewuser	remotemachinename=NOPASSWD:/usr/bin/rsync

Above, you replace with the appropriate names.

4. Copy your private key from the remote machine and save it on the local machine where you will be backing up to.  For example, save it in the local user’s .ssh directory.  /home/localuseraccount/.ssh/private.key

5. You need to create a script.  In the example below, I have an exclude.txt file also, so I can exclude directories and files.  Look that up in the rsync how-to’s.

#!/bin/bash

rsync -avz --rsync-path="sudo /usr/bin/rsync" 	

	--exclude-from=exclude.txt -e

 	"ssh -p 22 -i /home/localuseraccount/.ssh/private.key"

  	remoteuseraccount@remote.server.com:/ /backup/to/path

In case you didn’t catch that, the section above with the rsync command is all one line!

I spent quite a while searching for solutions to this issue:

Reading Package Lists... Error!

E: Dynamic MMap ran out of room

I found several posts and sites that mention updating the cache limit, but that did not work. Here’s what I found though.

First, create the file if it does not exist.
/etc/apt/apt.conf

Then, add this:

APT::Default-Release "stable"; 

APT::Cache-Limit "141943904";

And that did the trick!  You can probably find this lots of places, but it took me too long to find the right fix, so I saved this here for myself!

Have a great day!

Courier Virtual Email Hosting – No SQL Servers

Using USERDB

1. Add the domain(s)
   Add your domain name to esmtpacceptmailfor.dir/default
   Add your domain name to hosteddomains/default
   Then create the courier system files, run:

   makeacceptmailfor
   makehosteddomains

2. Add the users
   You run 2 commands to add a user. (same user/pw for smtp also)
   userdb and userdbpw

   Let’s say we want to add a user account for misc@1stbyte.com.

   1^st create the virtual account home dirs. I save mine in /home/virtual. You will create a sub dir for each domain, then user. And you must create the Maildir folders in this home folder. So it will look like this:
   /home/virtual/domain.com/user
   Run:
   mkdir /home/virtual/1stbyte.com/misc
   maildirmake /home/virtual/1stbyte.com/misc/Maildir
   chown -Rv 999.999 /home/virtual/1stbyte.com/misc
   userdb misc@1stbyte.com set uid=999 gid=999 home=/homevirtual/1stbyte.com/misc
   userdbpw | userdb misc@1stbyte.com set systempw

   userdbpw will ask for a password and pipe into the “set systempw” command and save it into the userdb database. You can see the data in /etc/courier/userdb.

   When you are done run: makeuserdb

3. Setup any aliases

   if you have any aliases, set them in aliases/system. Edit the file and add full email account names like:
   vuser@domain.com: mailaccount@domian.com

   It’s alias: realaccount.
   The can be other domains too:
   fakeuser@accptedmaildomain.com: realaccount@realhosteddomain.com
   info@1stbyte.com: misc@1stbyte.com

   And of course, run: makealiases

Download and unpack Apache and PHP. MySQL 5 is install already. (as per another blog: http://www.1stbyte.com/2006/04/02/mysql-5-upgrade-compiled/

Make sure you have the proper dev packages. In my case I had to install ‘libflex’ and ‘libgdbm-dev’ using apt-get install to install PHP. (I have Debian Unstable)

./configure –prefix=/var/httpd –enable-so –enable-proxy –enable-proxy-ftp –enable-proxy-http –enable-ssl –enable-headers –enable-rewrite –enable-cgi –enable-deflate –enable-mime-magic –enable-dav –enable-dav-fs –enable-userdir –enable-status –enable-info

make && make install

then I copied the original Apache conf from /etc/apache2 to the new root, /var/httpd/conf. I also had to update the httpd.conf file to set the correct server root and other misc server directives, but mostly they were all the same.

Test your install /var/httpd/bin/apachectl start
Goto http://localhost and make sure you get the web site.

Now install PHP.
./configure –with-apxs2=/var/httpd/bin/apxs –with-mysql=/var/mysql5010 –with-mysql-sock=/tmp/mysql5.sock –prefix=/var/httpd/php –with-config-file-path=/var/httpd/php –enable-force-cgi-redirect –disable-cgi –with-zlib –with-gettext –with-gdbm

make
cp -p .libs/libphp4.so /var/httpd/modules
cp -p php.ini-recommended /var/httpd/php/php.ini

I then put these into httpd.conf

<IfModule mod_php4.c>
AddType application/x-httpd-php .php .phtml .php3
AddType application/x-httpd-php-source .phps
</IfModule>
LoadModule php4_module modules/libphp4.so

then ran:
make install

Edit: 10/25/05

Additional new notes:

When configure is run, I do it this way now:

./configure –prefix=/var/httpd –enable-so –enable-proxy –enable-proxy-ftp –enable-proxy-http –enable-ssl –enable-headers –enable-rewrite –enable-cgi –enable-deflate –enable-mime-magic –enable-dav –enable-dav-fs –enable-userdir –enable-status –enable-info –enable-cache –enable-disk-cache –enable-mem-cache

And…

For setup with Zope I am running ProxyPass instead of Rewrites:

ProxyRequests On ProxyPass / http://127.0.0.1:18080/VirtualHostBase/http/www.adomain.com:80/clients/adomain_com/VirtualHostRoot/ ProxyPassReverse / http://127.0.0.1:18080/VirtualHostBase/http/www.adomain.com:80/clients/adomain_com/VirtualHostRoot/ ProxyRequests On ProxyPass / http://127.0.0.1:18080/VirtualHostBase/http/domain.1stbyte.org:80/clients/domain_com/VirtualHostRoot/ ProxyPassReverse / http://127.0.0.1:18080/VirtualHostBase/http/domain.1stbyte.org:80/clients/domain_com/VirtualHostRoot/

When you add the PHP config, you need to first add flex.

apt-get install flex

Also, the httpd.conf additons are partially done in the mods-enabled folder for php.conf.

I just upgraded my MySQL server from 5.0.7 to 5.0.10. I wanted to make a few notes about what I did to set it up.

1. I compiled MySQL 5.0.10-beta.

./configure --prefix=/var/mysql5010
--with-unix-socket-path=/tmp/mysql5.sock
--with-mysqld-ldflags=-all-static
--enable-assembler
--with-low-memory
--with-named-curses-libs=/lib/libncurses.so.5
--with-mysqld-user=mysql

2. Did a make && make install
3. Stop mysql507 (on my server I created a script to stop and start mysql and mysql5, this way I can easily run both servers at the same time) stopmysql5
4. mkdir /var/mysql5010/var
5. cp -Rv /var/mysql507/var/* /var/mysql5010/var
6. Chmod -Rv mysql.mysql /var/mysql5010
7. Updated the startmysql5 script to point to the new path (var/mysql5010), same with stopmysql5 script.
8. startmysql5

And I was running!  Now, this might not work on future versions, particularly since MySQL 5.x is in beta right now.

I did not recompile MySQLdb yet, as it is working fine for me, however it might be wise.  In fact, I really should do that because the libraries are pointing to the /var/mysql507 directory.

Edit: 10/25/05

The config options here are for a smaller/slower server.  Use this for normal servers with decent amount of RAM:

./configure --prefix=/var/mysql
--with-unix-socket-path=/tmp/mysql.sock
--with-mysqld-ldflags=-all-static
--enable-assembler
--with-named-curses-libs=/lib/libncurses.so.5
--with-mysqld-user=mysql
--enable-thread-safe-client

This also enables the Thread Safe client, which will work better with mysql-python modules.

Wow! This has turned out to be a real pain.  Below is a process I started, but ran into issues.  I could see the module, but it would never make a Wlan0 to access using iwconfig or ifconfig.

I tried this on the Trendnet TEW-229UB and the TEW-424UB.  Maybe because they are cheap devices, but heck, I spent something like $25 for both, and in Windows, they work perfectly.

After I had depmod -a and the ndiswrapper module listed (lsmod), everything seemed ok.  The syslog had no errors on the 424, but never showed the wlan0.  I could run lshw -C network, but would only show the wired adapter.  I could run lsusb, and it would show the device.  I could even run ndiswrapper -l and the device showed installed and hardware present.  So, what the hell?  No errors, everything working, but no WLAN0 shows up?

If I find more info, I’ll post it.

1. make sure the ndiswrapper package is installed, so do that.
2. Make sure that the wireless-tools package is installed. Probably is from the initial install.
3. Get your wireless driver for Windows XP.
4. Unpack the driver somewhere, then cd there and run ndiswrapper on driver. Something like so:
   ndiswrapper -i driver.inf

   I installed the Trendnet TEW-229 and that was:
   ndiswrapper -i sis162u.inf

5. Then let ndiswrapper setup the module.
   ndiswrapper -m
6. Then run: depmod -a
   After that you’ll see the ndiswrapper module when you run lsmod.

And from here I can see the module, but don’t know what to do… I’ll try to figure it out though, and write it here!

Here’s a quick post based on a Python Script I made in Zope to display the data from a ZSQL method in a 2 column table layout. Not that big of a deal, but I wanted to save this because it took a little bit of thought and some learning.
(My original code is all mess up on this, I’ll try to find and repost it.)

## Script (Python) "genlodinfo" ##bind container=container ##bind context=context ##bind namespace= ##bind script=script ##bind subpath=traverse_subpath ##parameters=itemid ##title= ## # Example code:  ################################### """  Author: Greg Fischer  1st Byte Solutions - greg@1stbyte.com   Date: 9/24/05   License: You are free to reengineer  rework, recode, redistribute, resell  or alter this  code in any way you see fit, but you   must give credit to my original work  and you must provide this same license  to those that may receive your distribution  if you do. (just leave my name on it,  and you must offer the same freedom  in your work, that's all)   Purpose: This script will gather  from a zsql method, cat the records  into address records (with exra info),  then generate a table with alternating  rows. In other words, it will fill the table  from left to right, then down a row, 2 columns  wide. """ ###################################  def iseven(n):    """Return true if n is even."""    return n%2==0  def isodd(n):    """Return true if n is odd."""       return not iseven(n)  # Import a standard function, and get the HTML request and response objects. from Products.PythonScripts.standard import html_quote request = container.REQUEST RESPONSE =  request.RESPONSE  rs = context.sql.ap_lodging(itemid) rownum = 1 x = [] for r in rs: 	ritemid = str(r[0]) 	rtqstart = str(r[4]) 	rtqend = str(r[5]) 	rstreet1 = r[12] 	rstreet2 = r[13] 	rcity = r[14] 	rstate = r[15] 	rzip = r[16] 	rnotes = r[18] 	 	lodstr = rtqstart + ' - ' + rtqend + '
' 	lodstr = lodstr + rstreet1 + '
' + rstreet2 + '
' 	lodstr = lodstr + rcity + ', ' + rstate + ' ' + rzip + '
' 	if rnotes <> '': 		lodstr = lodstr + rnotes + '
' 	 	x.append(lodstr)  table = '' tablee = '

' tr = '' tre = '' td = '' tde = '' 	 if len(x) >= 1: 	c = len(x) 	listing = '' 	cur = 0 	for addy in x: 		listing = listing + '' 		#first build the addy with starting table elements 		#first record only 		if cur == 0: 			listing = listing + table + tr + td + addy + tde 		#Now check if this is an odd seq item, 		#just add a new cell and end the row 		if isodd(cur): 			listing = listing + td + addy + tde + tre 		#if this is an even item, it should be on a new row 		#and NOT the first item 		if iseven(cur) and cur <> 0: 			listing = listing + tr + td + addy + tde 			#all good, but if last record, then end row 			#else skip and loop to previous isodd and  			#add a new cell(which ends the row as well) 			if cur == (c - 1): 				listing = listing + tre 		#if this is the last item, end the table 		if cur == (c - 1): 			listing = listing + tablee 		cur = cur + 1 else: 	listing = 'No records'   return listing

And you return the results simply by calling the script in your dtml. something like: dtml-var “path.to.script(itemid=itemid)”

As always, I hope this help someone else out there, not just myself! Good luck!

Ok, here’s my configure command:

 ./configure
--with-apxs2=/path/to/httpd/bin/apxs
--with-mysql=/path/to/mysql
--with-mysql-sock=/tmp/mysql.sock
--prefix=/path/to/httpd/php
--with-config-file-path=/path/to/httpd/php
--enable-force-cgi-redirect
--disable-cgi
--with-zlib
--with-gettext
--with-gdbm
--with-gd
--with-png
--with-png-dir=/usr/lib
--with-jpeg
--with-jpeg-dir=/usr/lib
--with-pdo-mysql
--with-mysqli

I ran into errors trying to run the function imagecreatefromjpeg and imagesx and imagesy. And the system could not find the jpeg libs. On Debian Sarge, you need to run an apt-get install libjpeg62-dev. Also, I ran configure with just the –with-jpeg switch, and it didn’t work. So, I had to also include the –with-jpeg-dir=/path/to/lib. On Debian is was in /usr/lib. After that, it all worked out.

It’s worth noting, you must have libpng, libjpeg, and GD installed as well.  If I remember, GD was already on Debian, or maybe it was in PHP, not sure about that, but I know it must installed.