Linux Blog

APNIC Box – Linux on a Mikrotik 532a, Part 1 – The Device

Filed under: General Linux — davidapnic at 1:04 pm on Wednesday, November 5, 2008

I put this device together for fun sometime around the start of 2007. The ideas that spawned this was using OpenWRT on a Linksys WRT54G access point. A surprisingly powerful and full Linux distro with all kinds of advanced capabilities running on a Linksys wireless router which I’d previously thought to be a reasonably dumb device with computing power more comparable to a calculator than a PC. The project opened my eyes to embedded devices, and I wondered what device base I should start with. To cut a long story short and for reasons that I can’t even remember anymore I came across the Mikrotik Routerboard 532A and decided that I should start with that.

Conception

APNIC Box Image 1

APNIC Box Image 1

Here’s a picture of the device from the outside with some labels, view the full image to see them.

1. Status LEDs. Blue at the bottom left shows it’s on, orange at the top right shows that there’s wifi activity.
2. Ethernet (eth0)
3. Standard Serial Console (57600, 8 N 1)
4. Ethernet (eth1)
5. Ethernet (eth2)

You’ll notice a PicoLCD unit from mini-box.com on top of the device, I’ll dedicate a separate section to that. For the moment, eth0 connects to a switch and my local lan on the 192.168.100.0/24 range. eth1 holds a public IP and is connected to my first ISP via a ADSL2+ modem (I generally get about 14mbit down and 1.5mbit up stable), and eth2 is connected to the same provider via a separate ADSL2+modem (I get about 16mbit down and 1.7mbit here). The ISP does not bond these connections – I wish :-). They are two entirely separate connections to the same ISP. This isn’t for redundancy as realistically unless you use cable which isn’t available in my area, any fault will usually be with BT (the network/telecoms provider) and so using two separate ISPs won’t really add any great redundancy factor. BETHERE (my ISP) are the only UK ISP that I know of to offer the 24mbit down/2.5mbit up service. Anyway, I guess the speed difference over the two lines is down to one connection to the exchange being slightly shorter or maybe cleaner *shrug*

Article first published at: http://www.adamsinfo.com/apnic-box-linux-on-a-mikrotik-532a-part-1/

Comment spam vent and an idea to combat it

Filed under: General Linux,The Linux Blog News — TheLinuxBlog.com at 10:48 am on Thursday, September 27, 2007

Ok I just have to vent a little. Spam Spam Spam. Spam bots and blog spammers in general are stupid. Why would you spam a site that doesn’t even have comments on blog posts? I don’t get it. I would love to get my hands on the code of these spam bots to see how they are working. It would be so simple for them to actually load the page and grep for the comment link. That way they could stop wasting mine and their time by spamming this site. All comments are marked as spam at the moment since that’s all I’m getting. If some one wants to send me a comment they could go trough the trouble of creating a <FORM> to send one but I think they would just send me mail at owen -at- <thelinuxblog.com>. This generally means that I can delete all of the comments I get as I doubt any one is really going to create a form just to send me a comment.

IP addresses are being recorded and I’ll continue to monitor the situation. Eventually I might do a security scan on repeat offenders and let the ISP of the host know what’s what. It would be nice to catch the spammer but I will settle for the knowing that the owners of the Zombie PC have been warned about the consequences and might send their computer in for repair.

After writing this post I have an idea for a Linux Blog project. The Linux Blog can be the first to submit data. Basically I propose a plugin for WordPress that would monitor comments and send the IP’s of those that were spam (either flagged manually or automatically) to a host. This host would log all of the IP’s submitted and when appropriate take action against them.
This reminds me of a project that I saw a presentation on at CarolinaCon 05. Except this project was targeted at bot nets and aimed to be malicious back or ban the host / subnet completely. This would not be necessary for this project; just a simple mail merge application written in Linux would work.
I suppose the real first step is to see if this application already exists. I’m sure I’m not the first person to think of this.
I guess I need to come up with a quirky name for the project and a plan. It goes without saying that the platform will be Linux and will use open source applications to achieve the final goal. Once research has been done I can either try to add it to my never ending list of projects to complete or find a team of developers willing to work on it.

Bringing The Internet Up After Failure

Filed under: Shell Script Sundays — TheLinuxBlog.com at 9:58 pm on Sunday, September 9, 2007

This Shell Script Sunday is a short one but don’t let that fool you to the power of the shell. This script I wrote earlier in the week due to power spikes at the office. All of our equipment would stay powered on due to UPS’s but unfortunately something with the ISP was not staying on. Once the brownout occurred our router box would still have an IP and seem to be working but it wouldn’t. We had our suspicions about what piece of equipment it was but had no power to fix it. I would renew the IP from the ISP bring the public interface down by using eth0 down and then eth0 up but this was not successful. To fix it from the router I had to actually reset the network. This worked, but we have some services running at the office that I like to access from home. So to fix the problem I wrote a one liner to reset the network if the connection goes down.

ping -c 1 OurISP.com 2> /dev/null > /dev/null && echo > /dev/null || sudo /etc/rc.d/network restart

The techniques in this script are covered in Shell Scripting 101. All this does is ping OurISP.com one time and output the error & standard output to /dev/null. If the ping was successful it does nothing and if the ping failed then it restarts the network. To get it to repeat at an interval I just set it up as a cron job. This did the trick and I now do not have to worry about brownouts.