1. August 23, 2010

      pfSense IPv6 HowTo (PPTP with Thomson ST536v6 in NZ)

      I’ve just spent a few hours getting this going, and so I thought I’d write up a quick howto.

      1. Install VirtualBox. Windows Virtual PC doesn’t support starting machines as services, and I never really liked VMWare Server due to it’s high overhead.
      2. Created a virtual machine and install pfSense 1.2.3. Accept VirtualBox’s default FreeBSD settings, except create 2 network cards (pfSense won’t work without at least 2), both bridged to the physical network interface. Remember that the modem will run on a different IP address range (, and so while using VLANs and actually separating the networks is an option, having everything on the same network won’t do anything bad.
      3. Now that pfSense is running, setup the Thomson ST536v6 to act as a PPTP server. This is so that pfSense will get the real, public internet connection with real-world IP address. Much nicer than having to use NAT or DMZ, and the Thomson does a nice job of this. Telnet into the modem (remember the default username is Administrator and password is blank) and run the following commands (which WILL destroy your current config). Note: this forum post is mostly correct, but I kept getting an “Invalid phonebook destination name, phonebook is in use.” error when trying to flush the ATM interface without first detaching it.
        :system reset
        :ppp relay flush
        :eth flush
        :atm ifdetach intf=atm_0_100
        :atm flush
        :ppp flush
        :atm phonebook flush
        :atm phonebook add name=BrPPPoE_ph addr=0.100
        :service system modify name=PPTP state=enabled
        :system reboot
      4. After power cycling the modem, time to configure pfSense. Bind LAN to em0 and WAN to em1 (or vice-versa, doesn’t matter). pfSense will take forever bringing up the WAN interface, because it’s expecting a DHCP lease which isn’t available. The LAN interface will start acting as a DHCP server, which is good, given you’ve just told your modem to stop doing that.
      5. Login to the pfSense web UI. Under Interfaces, select WAN. Change the Type to PPTP. The Username and Password won’t have any effect for Telecom ADSL connections ([email protected] and telecom work fine), but for UBS or LLU connections you’ll need to use something specific. Set the Local IP address to and the Remote IP address to (which the modem should be listening on, as well as
      6. Not quite sure what causes the PPTP connection to stand up (I think I just waited and it came up automatically), but at this point you could probably power cycle the virtual pfSense and it should all liven up. If you’ve done it right, you should have an internet connection on your clients (you may need to refresh the DHCP lease). Step one complete!
      7. Now for tunnelled IPv6, to go http://tunnelbroker.net and sign up for a tunnel. Don’t forget to tick the IPv6 enable box (under Advanced in pfSense’s System menu)
      8. There’s a great shell script here which takes care of creating the tunnel on pfSense. You’ll need to run this on each restart, but each time you restart your public IP address is likely to change anyway. I may get bored and update the script to handle this automatically at some point…
      9. Anyway, if you can get to http://ipv6.google.com, step two complete!

    2. July 2, 2010

      jQuery qtip & fullcalendar

      Was having a really strange problem today; getting qtip (1.0.0-rc3) and fullcalendar (1.4.5) to play nice. No matter what, it was erroring on line 139:

      $(this).data('qtip').current = $(this).data('qtip').interfaces.length

      Thankfully the intertubes had a very helpful post; changing line 134:

      if(typeof $(this).data('qtip') == 'object')


      if(typeof $(this).data('qtip') == 'object' && $(this).data('qtip') !== null)

      made it all happy. Good coding practice FTW…

    3. June 7, 2010

      Signs of life

      Ya, it’s been a while since adding content to this site, I know. It’s on the todo list.

      While helping my lovely wife and my grandfather-in-law get their blogs online, I realised I’ve mostly neglected mine. It’s not because I don’t love you, sweet internets, but because I’ve found that the free time I once had for ranting online has almost vanished. It’s honours project time, my final year of uni, my victory lap. Although I don’t have exams, it feels like I’m being tested every day. It feels like it’s no longer fun whimsical nonsense, at uni and at work. And as much as I thought it never would, I want it to be over quickly.

      I gave up writing for Nexus; not because I didn’t enjoy it, but because I felt my writing was getting to the stage of interestingness. Throughout all the articles of The Nerdery, you’ll notice a certain “shit, gotta get this done before Monday” feel to them. They were forced. And then, something happened at the start of the year; I felt like I had something to say. I felt like I had to educate the masses. Unfortunately, this came at a time where the new editor felt that Nexus had evolved too much over Josh’s tenure, and decided to take it back a notch. I felt like I no longer belonged.

      It’s the sort of feeling I’m starting to find from places where I thought I had permanent membership.

      Anywho, that’s enough emo for one night.

    4. November 26, 2009

      A simple Twisted PubSub Server

      I’ve been looking all day for this, and almost gave up and went back to Java. If you’re like me and want a simple PubSub server for Twisted, go here.

      Why did this take all day to find? Why can’t common things like this be explained in the Twisted documentation, the book, or even linked as example code? Something has to really frustrate me to make me want to use Java…

    5. October 13, 2009

      Safari Crashes, PubSubAgent has issues, everything dies, oh my!

      Ever had one of those days, where everything just seems to be going wrong? Over the last 6 hours, I’ve been trying to debug why Safari, Mail.app, iTunes and Adium crash without ANY explanation, after any of said applications tried to load a webpage.

      It started randomly (haven’t made major changes in the last few days), so I assumed it was something corrupted. The only hint was that after Safari, Mail, iTunes or Adium crashed, PubSubAgent would use 100% CPU time. So, I fire up Instruments and look at the trace for PubSubAgent. It seems to be calling CFHTTPCookieStorageFlushCookieStores many times, which is odd, because a quick Google doesn’t return anything useful about this system call, obviously related to CFHTTP.

      Fast forward 4 hours later when I’ve cleared caches, nuked my Safari config, tried removing PubSubAgent (which just made it worse). The fix? Removing ~/Library/Cookies/Cookies.plist. Oddly enough, it has a companion – ~/Library/Cookies/Cookies.plist – corrupt.

      So, just a recap; somewhere the system knew my Cookies file was corrupted. But instead of spitting this out to the Console, throwing a Dialog, or ANY form of useful information, I had to trudge through my Library looking for something which could be causing the problem, and manually removing it. It was by chance that I noticed the Cookies folder, which is strangely not in the Safari folder where one would normally expect it.

      And just to make matters worse; Safari’s “Reset Safari” did nothing to solve the problem. That’s right, checking the “Remove all cookies” checkbox did NOT remove the cookies!

      Good user interaction FTW!

    6. September 19, 2009

      Snow Leopard: Outdated-software-R-us!

      I apologize in advance for the lack of coherency in this post; it’s late, and I’m tired.

      So, I have a custom backup script (mostly because I know I can do it better for my workflow than some off the shelf solution). It uses tar’s listed-incremental function to do, as you can guess, incremental backups over a monthly cycle. It’s been working well since I made it on Tiger, except today, the first time I’ve tried to take a backup since upgrading to Snow Leopard. It straight off failed, claiming it doesn’t understand listed-incrementals.

      I’m scratching my head as to why (it’s really not a complex script), before I realise it’s using an older version of tar than what shipped with Tiger and Leopard (or it’s using BSD tar as opposed to GNU tar… but I can’t verify what Tiger/Leopard had, all I know is it worked previously). Hmmm… ok. So I open Macports, install the latest version of gnutar, removed the crappy Snow Leopard tar and all keps going happily… except I now have a wiggling suspicion in the back of my mind that there is another disturbance in the force…

      I dig a little, and it’s not long before I discover that Apple also decided to ship bzip2 1.0.4, which has a security exploit that was fixed 1 year 6 months before 10.6 was released…

      WTF Apple? Is anyone paying attention to software releases over there? It makes me wonder, what other outdated, exploitable software is installed on my laptop?

    7. September 11, 2009

      Spam for Coffee…

      So, me and Bev like coffee. In the morning, in the afternoon, in the evening. We also like sleep, and so our coffee time in the morning often results in getting 2 to go. Which is fine, because BP’s Wild Bean coffee is actually pretty good, and as we have travel mugs, quite reasonably priced.

      We collect the free coffee cards, and enjoy it. Except this morning, we notice that they’re phasing out the paper system in favor for a keyfob barcode. It’s ok though, if you register your keyfob online, you still get 6 for the price of 5, contradictory to the way Subway did it when they introduced their Subcard, when Subway sneakily increased the cost of a free lunch.

      But the BP offer isn’t without a catch. To get the 6 for the price of 5 deal, you have to not only give them your email address, but also opt-in to their… well, it doesn’t actually say what I’m opting-into. For all I know I’m opting into daily advertising, or perhaps a free coffee on my birthday, or perhaps they’ll forget about it entirely and we’ll all just go about our days.

      Will people accept Spam for slightly cheaper Coffee? It’s an interesting concept, I wonder how effective it will be…

    8. September 10, 2009

      ACM Code Poetry + Pizza Night…

      … has been postponed.

      However, do not loose faith, it is happening. Unfortunately we just couldn’t do it in the first week back.

      Watch this space!

    9. August 31, 2009

      Soundflower + 10.6 == …. Works (now anyway)

      So, I’m procrastinating from writing my Java app. And when procrastinating, I like to listen to music. Except my laptop speakers suck, and as I’m home alone I would like to listen comfortably without headphones. Long story short; I need to hijack music form my laptop’s iTunes, and stream it to my desktop’s VLC or Windows Media Player.

      Instantly I turn to an old favorite; Soundflower, which provides virtual inputs and outputs for MacOS. Except, it stopped working in Snow Leopard, the dialog: System extension cannot be used The system extension “/System/Library/Extensions/Soundflower.kext” was installed improperly and cannot be used. appears. Thankfully, it’s actually a simple problem and a simpler fix.

      If you go:

      $ sudo kextutil /System/Library/Extensions/Soundflower.kext
      /System/Library/Extensions/Soundflower.kext has problems:
      Authentication Failures:
          File owner/permissions are incorrect (must be root:wheel, nonwritable by group/other):

      See, simple permissions problem! Running chown and chgrp cleans it up nicely. I’ve submitted the fix in the bug report, and hopefully soon a fix will be officially released.

      Now, back to streaming my music…

    10. August 30, 2009

      iPhone 3GS WiFi Speed Issues

      So, since buying my iPhone 3GS, it’s been plauged with speed issues over WiFi. Not the awesome Lightwire service on campus, but my home, with my Cisco Aironet 123AG access point, the last place in the world I expect to have problems.

      For those lucky enough not to experience slack WiFi, the problem is that is some applications are completely unusable. Using the http://i.dslr.net/tinyspeedtest.html website, my iPhone (on good days) gets ~4000ms pings and I~50kbps. But there should be no reason for this; The speedtest.net app works fine, showing speeds of ~14Mbps… Curious…

      So, I did some packet captures (the capture point being on wired ethernet, directly after the AP); the iPhone takes seconds to ACK the TCP packets when running Mail or Safari (didn’t bother testing any other applications).

      My logic may be failed, but if I run the test and get 256ms and 3500kbps on my MacBook, there should be no reason why this isn’t possible on my iPhone. My MacBook uses .11a, while the iPhone 3GS seems to only use .11b/g (which is very odd, because the chipset is there to support 802.11a), so each device isn’t sharing radio space with the other.

      So I tried screwing with the settings, and the thing which had the most profound effect was the Beacon Interval. By changing it from 4000 Kusec to 40 Kusec, instantly I went from having ~4000ms pings to ~330ms pings, and a usable data rate of 864kbps! I then lowered it to the absolutely lowest time possible, 20 Kusec, and now have ~285ms pings and ~1500kbps to http://i.dslr.net/tinyspeedtest.html.

      This does, however, bring one very pressing question; Why does this only affect my 3GS? Beverley’s original iPhone worked fine before changing the settings, as well as our 2 laptops, and various visitor’s laptops. In fact, I used this and 4 other identical APs at the NZ WCG, providing internets to ~25 different laptops and PDAs of various descriptions, all roaming around the event, with the exact same configuration I started with, and not a single complaint. It obviously can’t be the fault of the AP… can it?