Turning screen off with "Access IBM" button

My trusty old T43 has a blue "Access IBM" button just above the F-key row that has sat unused ever since I first reinstalled windows. The other day while browsing the thinkpads.com forums I found an interesting use for this button: turning the screen off.

As time passes, I get more and more conscientious about taking care of my laptop. It recently occurred to me that I needlessly leave the screen on for hours on end, shortening the life of the CCFL backlight. My warranty ran out last year and I'm not planning on buying a new laptop in the near future, so I'm keen on taking good care of it. I could configure the different power plans to turn the display off after X minutes of being idle but the Lenovo Power Manager utility crashes each time I open it, and there is no update for that yet.

Plus, pressing the Access IBM button (which I never use anyway) and having the screen turn off, fading into black, is more fun.

On to the instructions; first we need an executable that turns the screen off and then we need to edit the registry so it is executed when the Access IBM button is pressed.


Registry edit

To make the Access IBM button do anything when pressed there needs to be a key in the registry for it. Create the following registry key if it doesn't exist
Inside this key create a new string value named "File". Double click on it and insert the path to the executable in the data field. In my case it was:
All done. Pressing the button now turns off the display (the laptop screen and any other display attached) and the ThinkLight. Moving the mouse or pressing a key on the keyboard turns the monitor(s) back on (not the ThinkLight).


Solution: Using ThinkVantage button to turn off monitor - Thread at thinkpads.com forums with original instructions. Credit to yak, the author of MonitorOff.exe

ThinkPad Button - Information about the different Thinkpad buttons in existence at ThinkWiki

Posted in Uncategorized | Tagged | Leave a comment

Revisiting PPPoE forwarding to PfSense

A few months ago I described how I started using PfSense as a proper gateway. I configured my ADSL router to act as just a modem, forwarding the PPPoE tunnel to PfSense. PfSense would then be in charge of everything related to the internet connection.

I initially did it because I was having to restart the ADSL router every so often. It would lock up, not creating any new connections, which annoyed everyone trying to use the internet. The goal was to have a rock-solid connection that didn't need restarting ever.

A few months have passed and I had forgotten about the last sentence in my initial post: to see whether the situation improved at all, or whether it was still locking up.

During my almost-daily checking up on the site -I am the only visitor, after all. Those stats don't create themselves!- that last phrase caught my eye and I realised I should follow up, for posterity if nothing else.

The result has been as I'd hoped: I haven't restarted the ADSL modem or the PfSense box since I set it up. The only downtime has been when the electricity went out, about 57 days, 03:53h ago.

Posted in Uncategorized | Tagged , | Leave a comment

Automounting Windows samba share with autofs - dollar sign and SELinux woes

The target directory for my (well, the one I got from DokuWiki's wiki vOv) DokuWiki backup script is on a Windows fileserver. I did some searching and the best way to access this share seemed to be using autofs to mount the share only when the local directory it is mapped to is accessed. This way there is no worry that the file server is down when the Linux server boots and tries to mount the network share - which would require manual intervention to resolve (or testing that the share is available in the script). Instead, each time the script is run the share is mounted; and if it does fail for whatever reason hopefully the issue will be fixed for the next execution.

To set up autofs I used the information at this CentOS wiki page. Initially I went with the "Basic Method" because I couldn't get autofs to work. I later found out that autofs was failing because the share name I was trying to connect to had a dollar sign, which I wasn't escaping.

After reading the autofs errors in the system log, I caught on to the fact autofs wasn't even able to find the share, which made me think about having to escape the dollar sign. A few searches later confirmed it, so I tried putting a backslash infront of the dollar sign, which worked. In a way.

Autofs was now spitting out another type of error. SELinux was denying access -like it  always does >:(- to the filesystem or something. Searching the internet didn't provide me with a conclusive solution (I have no idea how SELinux actually works and it seems like a very broad topic). I decided to just disable SELinux at the start of the backup script, and reenable it at the end. Can't get much more jerry rigged than that can you?

Posted in Uncategorized | Tagged , , | Leave a comment

Backing up DokuWiki with rotating backups on a samba share

After procrastinating for a while I got down to setting up backups for our DokuWiki installation: it was getting to the point where it had enough useful information that losing it would be a Disaster. I got cold sweats just imagining having to type all that stuff up again.

Some searching later I found this pretty good DokuWiki backup script over at the official wiki. After customising the script and spending a (long) while mounting a remote samba share, I added the script to the crontab on a daily schedule.

It's now a few weeks later and I have a seven-day rotating set of backups for our documentation, getting backed up both to tape and to a remote fileserver. I had a gander through the backups the other day and noticed, however, that the rotating portion of the script seems to be a bit wonky. Each day's backup folder seems to have a subfolder with a full backup inside it, a few levels deep. For now it's not too serious as it's only a few hundred MB, but it's something I'll have to look into.

Next up are my adventures with dollar-sign-in-the-name samba shares and my misadventures with SELinux. For now though it's bed time, and luckily for me I get to sleep with one less worry on my mind.

Posted in Uncategorized | Tagged , | Leave a comment

Comtrend HG/CT536+ and how to bridge PPPoE connections

Recently I managed to fix my horribly designed -and implemented- home network such that computers accessing the internet no longer had to double-NAT. It has been glorious and extremely stable: much better than having to restart the ADSL router/gateway every day or two.

Nothing lasts eternally though, so just a few months later my network has been shaken up again. Our telephone company cancelled the telephone line instead of cancelling a telephone number alias we had set up. This caused our internet ISP to (obviously) stop providing us with internet. When we finally got the telephone line reinstated we appeared as new customers to the ISP. I took advantage to go through with the possibly-daunting task of upgrading our connection to 20/1. I had been wanting to make the switch for a few years, but horror stories had stopped me from doing so. These horror stories include people not having telephone or internet for 3+ months (sometimes stretching to 9 months).

We were out of internet for at least a month anyway, so I thought I might as well dance with the devil and I took the plunge. The ISP has either sorted themselves out, or, we were lucky. 3 weeks later the internet worked.

It dawned on me that I would possibly have to replace our current ADSL modem/gateway with the new one, which wasn't a happy thought. Maybe it would be crippled and the bridging wouldn't work. We'd be back to double-NATting.

For the first few days I decided not to rouse the evil networking spirits and just used the old modem/gateway, which worked fine. I then discovered that my ISP offers an Annex M profile. To take advantage of the extra upload bandwidth I needed to use the new router they had given me. Woe is me.

The router they gave me is a Comtrend HG/CT 536+. It is different from other routers I've had in that instead of just having 4 regular ethernet ports on the back it has two marked as ethernet, and the other two are "HG" and "IPTV". I didn't pay much attention to that until later.

After setting up the router as a bridge and assigning it the proper IP, activating Annex M, etc. I replaced it with the old router. And crossed my fingers. On cue and not to disappoint me, it didn't work. I spent about 20 minutes fiddling with different configuration options, like the ATM service classes (I don't even know what they do). After none of that worked I thought maybe this router had the same problem as the other one, maybe I had to set the mode to bridge from the wizard, otherwise it didn't 'stick'. I couldn't find the wizard though, and I despaired.

Finally I remembered the IPTV and HG ethernet ports. I'm not using IPTV, but what was the HG for? Either on the shipping box or in the manual I had seen 'Home Gateway'...HG. Maybe in bridge mode it only forwards the connection through the HG port? Yeah.

End result: my network hasn't been cannibalized and I now have more bandwidth. More is better, right?

Posted in Uncategorized | Tagged , , | Leave a comment

Windows 7 open command prompt from right click context menu

Windows XP had the PowerToys, which added useful functionality to the system. One of my favourites was the "CMD Shell here" PowerToy, which opened a cmd prompt with its working directory set to the folder you were in.

Vista incorporated this into the OS, obviating the need for a PowerToy. I was happy with this. Then I installed Windows 7 and the option has disappeared from my context menu.

After a quick search I've come across the following:

  • Holding shift down when right clicking on a folder brings up a few extra options, one of them being "Open command prompt here"
  • Save the following as a .reg file, then right click -> merge it to add an entry to the context menu which creates an elevated (Admin privileges) command prompt:
    Windows Registry Editor Version 5.00[HKEY_CLASSES_ROOTDirectoryshellrunas]
    @="Open Command Window Here (Administrator)"
    @="cmd.exe /s /k pushd "%V""

Read the articles about Windows 7 right click command prompt and elevated command prompt.

Posted in Uncategorized | Tagged , , | Leave a comment

Vista/Windows 7 Links toolbar on taskbar - how to remove 'Open file security warning'

A few years ago I discovered that the links toolbar is a zillion times better than quick launch. The links toolbar allows you to create folders and group common program shortcuts in them. When you click on a folder a menu appears with all the shortcuts.

IE7 changed the way that works with its improved security: now each time you open a shortcut that's in the links toolbar, it asks you if you really want to open the file. This is pretty annoying and so after doing some searching I found this:

To remove the prompt, enter this in a cmd shell that has Administrative Privileges (Start menu -> type cmd -> hold ctrl+shift, tap enter).
cd %userprofile%favorites
icacls links /setintegritylevel (CI)low

To restore the prompt:
cd %userprofile%favorites
icacls links /setintegritylevel (OI)(CI)low

Thanks to 'Jimmy Brush' for this. This and other tips on his Vista FAQ.

Posted in Uncategorized | Tagged , , | 2 Comments

BlackBerry OTA .jad installation without BIS data plan

I recently switched to a low cost mobile telephony operator, Simyo. I get 500mB of internet traffic for 5 EUR a month with them, which is 3 times cheaper than what I was paying for 300mB with my old operator.

One disadvantage to the new operator is that they don't offer BIS, being a low cost operator and all. It doesn't work out too bad for me, all I'm missing is the native internet browser and native email. With Opera Mini and Gmail Mobile it is usually a non-issue...

...until I need to install a program that only offers Over-The-Air installation, like ÜberTwitter, a great BlackBerry twitter client. OTA installations use the native internet browser to download the necessary files, which doesn't work for me.

After some trial and error, I managed to install ÜberTwitter by downloading the .cod files that make up the program onto my PC, then transferring the .jad and .cod files to the BlackBerry. I imagine this will work for any other OTA installation.

What you need:

  • BlackBerry with no WiFi or BIS/BES service
  • microSD card

Steps to follow:

  1. Download .jad file from website.
  2. Open .jad file in notepad.
  3. Search for line with RIM-COD-URL: filename.cod
  4. Obtain .jad file URL (in Firefox, right-click on the .jad link -> copy link location).
  5. Paste URL into browser, replace .jad filename with .cod filename*.
  6. Save .cod file to disk.
  7. Repeat steps 3-6 for any additional .cod files that are mentioned in the .jad file.
  8. Copy all the files (one .jad and however many .cod) to a folder on your BlackBerry's microSD Card.
  9. Go to Media -> BlackBerry button -> explore -> find the folder and open the .jad file.
  10. Install the application.

*Example: if the URL for the .jad file is http://domain.com/ota/program.jad, to get the .cod file the URL would be http://domain.com/ota/filename.cod

Posted in Uncategorized | Tagged | 2 Comments

Eclipse copies .svn folders to bin directory, TortoiseSVN confused

This last trimester we started 'learning' Java in Programming class. The faculty-approved (and heartily encouraged) development environment is Eclipse. Having never used an IDE before I've been surprised by -and quite enjoyed- the hand-holding it provides.

One problem I've had is with the build process and Subversion/TortoiseSVN. Each time I build a project a nasty red exclamation mark appears on the `bin' directory of that project. I hadn't put too much effort into finding out why it was happening until today; I can't stand that goddamned red exclamation mark any more.

To make a boring story a little less so, Eclipse copies the contents of the `src' directory -including `.svn' directories- to the output `bin' directory. This was confusing Tortoise into thinking it had to track source changes in the `bin' directory, which I hadn't actually added to SVN's version control. Even adding the `bin' directory to the ignore list didn't fix the issue. After a quick google I found the solution (and explanation of what the hell was going on): http://francisoud.blogspot.com/2008/07/eclipse-classpath-ad-subversion.html

Thanks Benjamin.

This post brought to you live from the blogosphere—straight from the internet right onto your computer, wow!

Posted in Uncategorized | Tagged | Leave a comment

Jazztel internet, Telefónica router and PfSense firewall - tying all three together

Historically, the network topology at my home has been horrible.

A little background on why it's so foul. Ever since I got ADSL, all the literature I've received regarding the set-up parameters has told me the encapsulation my connection uses is PPPoA with VC-Mux. PfSense and semi-decent routers like the WRT54G only have PPPoE/LLC clients, so I always imagined my resulting configuration was the only possible one.

With that, behold the abomination of a network I have used for a long time:

My convoluted network

My convoluted network

Yes, I was double NATing. At one point I had such a terrible router with no DMZ capabilities that I actually had to forward ports on the ISP router to  PfSense and then in PfSense to whichever tortured client was gasping for visibility on the World Wide Web (the www is the internet is the www rite?).

The router I have currently is a Telefónica-branded ZyXEL P-660R-D1. It's a holdover from an ADSL line we had in another house, and after my WAG54G broke it was all I had.

The other day, for some reason I have now forgotten, I stumbled upon the fact that many PPPoA setups actually accepted and worked if configured as PPPoE. Peeing my pants in excitement I first changed them, and then set about confirming this new morsel of  knowledge. Preliminary results proved that yes, in fact, I could connect via PPPoE! Oh the joy.

I set about configuring it in bridge mode, so as to delegate the PPP session initiation responsibilities to PfSense. Easy enough -I thought- select bridge from this here dropdown menu, choose NAT-none radio option here, click click bleep-bloop-done! Same in PfSense, set the WAN interface to PPPoE, put my username and password in, apply and voilà. Not so much. I couldn't get the PPP link up, and perusing the system log I found lots of this:

May 16 15:55:36 router mpd: [pppoe] outgoing packet is demand
May 16 15:55:36 router mpd: [pppoe] IPCP: Open event
May 16 15:55:36 router mpd: [pppoe] IPCP: state change Initial --> Starting
May 16 15:55:36 router mpd: [pppoe] IPCP: LayerStart
May 16 15:55:36 router mpd: [pppoe] bundle: OPEN event in state CLOSED
May 16 15:55:36 router mpd: [pppoe] opening link "pppoe"...
May 16 15:55:36 router mpd: [pppoe] link: OPEN event
May 16 15:55:36 router mpd: [pppoe] LCP: Open event
May 16 15:55:36 router mpd: [pppoe] LCP: state change Initial --> Starting
May 16 15:55:36 router mpd: [pppoe] LCP: LayerStart
May 16 15:55:36 router mpd: [pppoe] device: OPEN event in state DOWN
May 16 15:55:36 router mpd: [pppoe] device is now in state OPENING
May 16 15:55:45 router mpd: [pppoe] PPPoE connection timeout after 9 seconds
May 16 15:55:45 router mpd: [pppoe] device: DOWN event in state OPENING
May 16 15:55:45 router mpd: [pppoe] device is now in state DOWN
May 16 15:55:45 router mpd: [pppoe] link: DOWN event
May 16 15:55:45 router mpd: [pppoe] LCP: Down event
May 16 15:55:45 router mpd: [pppoe] device: OPEN event in state DOWN
May 16 15:55:45 router mpd: [pppoe] pausing 6 seconds before open
May 16 15:55:45 router mpd: [pppoe] device is now in state DOWN
May 16 15:55:51 router mpd: [pppoe] device: OPEN event in state DOWN
May 16 15:55:51 router mpd: [pppoe] device is now in state OPENING

I spent a few hours trying to get it to work, changing one part of the configuration at a time, rebooting both routers just in case, yadda yadda. In the end I couldn't even connect with my original PPPoA/VC-Mux settings. I didn't have a working phone with me and had to wait until the next day to call my ISP.

Their logs showed me having 16 line-drops over a period of few hours, and seemingly one of the line-drops triggered the system to disable my account because they thought I was hacking them. Or something. The support guy wasn't very clear on that.

With my internet restored (and my brother's fingers unclasped from my neck) I decided to do some extensive searching on the issue. After much reading and about 200 Firefox tabs open, I found out that seemingly, with my router, Bridge mode only really gets activated if you do it through the Wizard. I'd just gone straight into WAN settings and changed it there.

Parallel to the research, during my tests the day before, I had noticed  something strange on the system monitoring page. After negotiating the connection speeds, the router was alternating between two connection profiles; my one -aptly named 'Jazztel'- and some other one named 'ISP2'. I couldn't find mention of ISP2 anywhere on the router's web management pages, so I telnetted in. There I quickly found the rogue profile under '11.1 Remote Node Configuration'. It seems the profile was pre-loaded onto the router by Telefónica and served some mystical purpose. Deactivating the profile broke my internet again. I thought the solution might be just deleting it so after much hemming and hawing I went for it. With my heart thumping I rebooted. Success! The internet still worked.

With that peculiarity sorted out, I went through the Wizard to set the router into bridge mode and saved the settings. Then in PfSense I configured the WAN interface as PPPoE again, with my username and password, and crossed my fingers. After about a minute my internet was working again and there was much joy in my heart.

New and improved network diagram

New and improved network diagram

Over the next few days I'll get to see whether all this trouble was worth it or not. Will PfSense need rebooting every other day? More to come.

Update: here are the conclusions after a few months, regarding the change.

Posted in Uncategorized | Tagged , , | 1 Comment