Using ath0 as bridge in VMware... or almost

Well I couldn’t make my Atheros (ath0) work as a bridged network with VMware… but I made a workaround which I want to share with you guys. Anyway, I’ll have it documented if I can’t remember what I did later on. I have installed VMware on my Ubuntu laptop and an edgy-alternative (server) as a guest OS within VMware. The way I did this was by making my laptop into a router between the “VMware host only” net and my wireless net.

You need to have configured a host only network for your VMware machines, mine is called vmnet1 and is using the network:

192.168.154.0/24

My laptop has the following IPs:

wireless:    ath0     192.168.20.197 (provided by DHCP)
wired:       eth0     * (not used in this example)
VMware net:  vmnet1   192.168.154.1 (static)
gateway:     default  192.168.20.1

My Ubuntu edgy server has the following IPs:

wired:       eth0     192.168.154.2 (static)

On my laptop I have made a script that does the following:

INTERNAL=vmnet1
EXTERNAL=ath0

# Enable router functionality
echo 1 > /proc/sys/net/ipv4/ip_forward

# Enabling SNAT (MASQUERADE) functionality on $EXTERNAL
iptables -t nat -A POSTROUTING -o $EXTERNAL -j MASQUERADE

All my rules are set to accept by default; if yours are not, you might want to add something like this:

iptables -A FORWARD -i $EXTERNAL -o $INTERNAL -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTERNAL -o $EXTERNAL -j ACCEPT

On my VMware guest I have configured eth0 to have the static IP address 192.168.154.2 and to use 192.168.154.1 as default gateway. The way you set this up depends on your guest OS, but you can also do this manually with:

INTERNAL=eth0

ip a add dev $INTERNAL 192.168.154.2/24
ip link set $INTERNAL up
route add default gw 192.168.154.1

Now test by pinging the gateway of your host (my laptop):

ping 192.168.20.1

Note: You probably want to set up your guest OS to be able to use a DNS server.

Random disconnects with CoovaAP

Through the last week I have played around with CoovaAP on my Linksys WRT54GL… I was just too curious to try it out after my colleague Tomas told me about it :D CoovaAP is a slightly customized version of OpenWrt that makes it easy to set up a wireless HotSpot like the ones you can connect to in cafés, hotels and such.

CoovaAP comes with pretty much everything out of the box except the FreeRADIUS server. There are some free RADIUS servers around the net, and it seems to be Coova’s intention that people should use those. It seems like a really nice piece of software, but for me it was a NO GO.

After installing Coova on my access point I would get randomly kicked off World of Warcraft, even though I was using a wired connection on that machine. Teamspeak and other things seem to be unaffected. I haven’t been digging into what caused this problem; I don’t really have the experience or the time to do anything about it.

Calculate next SID, and why SID already is in base?

Today at work I got an error like the following while I tried to add a new user:

ldapsam_add_sam_account: SID 'S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxx-3048' already in the base, with samba attributes

I searched the net to find out what the problem was. On some site I found how the SID is calculated:

User-SID: uid*2+sambaAlgorithmicRidBase
Group-SID: gid*2+sambaAlgorithmicRidBase+1

My user had uid 1024 so it seemed to fit just right (I guess sambaAlgorithmicRidBase=1000). But why had another user already got the SID 3048, that would mean that another user had uid 1024?… Exactly! :)

Users for Samba are stored in LDAP. I have split my user and Windows workstation accounts (which also need to be Linux users) into different containers named Users and Computers. When a normal account is created, it is only checked against existing uids in the Users container. Because of this I now have 2 users with the uid 1024 (both the Windows workstation account and my newly created user account) and now a SID conflict. I should fix the uid check when adding a new user to also check in the Computers container. Hope this helps some people with similar problems.
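
The collision described above can be reproduced with the post's formula. This is an added example, not code from the original post: the directory entries, the dc=example,dc=org suffix and the function names are constructed for illustration, and sambaAlgorithmicRidBase is assumed to be 1000, as the post guesses.

```python
from collections import defaultdict

RID_BASE = 1000  # assumed sambaAlgorithmicRidBase (the post's guess)

# Constructed sample directory, not taken from the post: (dn, uidNumber)
EXISTING = [
    ("uid=alice,ou=Users,dc=example,dc=org", 1022),
    ("uid=bob,ou=Users,dc=example,dc=org", 1023),
    ("uid=ws01$,ou=Computers,dc=example,dc=org", 1024),
]

def user_rid(uid, base=RID_BASE):
    """User RID per the post's formula: uid*2 + base."""
    return uid * 2 + base

def group_rid(gid, base=RID_BASE):
    """Group RID per the post's formula: gid*2 + base + 1."""
    return gid * 2 + base + 1

def container_of(dn):
    """First ou= value of a DN (naive split; ignores escaped commas)."""
    for part in dn.split(","):
        key, _, value = part.strip().partition("=")
        if key.lower() == "ou":
            return value
    return None

def next_free_uid(entries, containers=None, start=1000):
    """Lowest uid >= start unused in `containers` (None = whole tree)."""
    used = {uid for dn, uid in entries
            if containers is None or container_of(dn) in containers}
    while start in used:
        start += 1
    return start

def rid_collisions(entries, base=RID_BASE):
    """Return {rid: [dn, ...]} for every RID held by more than one entry."""
    by_rid = defaultdict(list)
    for dn, uid in entries:
        by_rid[user_rid(uid, base)].append(dn)
    return {rid: dns for rid, dns in by_rid.items() if len(dns) > 1}

if __name__ == "__main__":
    new_dn = "uid=newuser,ou=Users,dc=example,dc=org"
    buggy = next_free_uid(EXISTING, {"Users"}, start=1022)  # Users only
    fixed = next_free_uid(EXISTING, None, start=1022)       # Users + Computers
    print(buggy, rid_collisions(EXISTING + [(new_dn, buggy)]))
    print(fixed, rid_collisions(EXISTING + [(new_dn, fixed)]))
```

Running rid_collisions over an export of the whole tree before and after provisioning shows any account pair that would map to the same SID.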

Weblog comments

I just went through a lot of comments which were pending approval. The reason why I haven’t done this before is because I hadn’t noticed that I had pending messages. Though the last few months have been a bit on the slow side. If I had been blogging regularly I might have noticed before. Most comments were on my old post about MP3 ripping in Sound Juicer. A lot of good tips in between, I’m really sorry guys.

I had like 4000 spam messages which I had to dig through first :(

I’m planning on updating my weblog software soon, perhaps it becomes easier to manage.

Linksys WRT54GL

I bought a Linksys wireless access point some time ago from FON, because I like the concept and it was also really easy to set up. Underneath is an embedded Linux controlling it all, which is cool in itself.

But I have an IP phone which needs a big port range to be forwarded to it through the firewall. I wasn’t able to define port ranges in the FON web interface, so today I finally got the time to try installing the software FON has built their product upon: OpenWrt.

What I’m really missing is the RADIUS thing FON used. It was a really cool way of securing your wireless connection. I can see OpenWrt has optional packages for this support, but I would rather want it to just work.

Then a colleague pointed me to Coova, which like FON builds upon OpenWrt, but it seems to focus on the RADIUS support. I’ll try that next week… if I get the time. One of Coova’s “Key Features” is traffic shaping, which I would like to play around with now that I have an IP phone.

For now I’ll just enjoy that I finally got my IP phone working again after several months.