Jimiz.net – Jim Becher on the web

Here is a tutorial on how to setup SARG (http://sarg.sourceforge.net/) – Squid Analysis Report Generator on Pfsense.   If you don’t know what any of those words meant then here are some references.

• SQUID – (www.squid-cache.org): Squid is a web proxy that can filter traffic from your network to the internet.
• Pfsense – (www.pfsense.org) : PFsense is a free opensource firewall / router for home or office

I have recently setup a Pfsense router / firewall to replace my old “blue plastic” router that was purchased at the big box location.   This solution has been working great.  It has been in place for over a week and I have been adding configuration settings to it.  One of the great tools included in this router is the ability to add packages.  In particular one of the packages is SQUID.  A proxy tool that can help monitor web traffic and also speed up performance.  

I have used SQUID in the past and know it’s benefits and also issues.  One great benefit is reports on web usage and traffic.   The pfsense implementation also has a package for reporting on squid called lightsquid.  Lightsquid is ok, but not my favorite tool for displaying information.    I would rather use SARG.   So I began to do a few searches and found some outdated information and ways to configure SARG.  From these searches (NOTE: Most of the info below I was able to find from other forum posts)

Install SARG on pfsense

1. Install the Squid package and have squid running on your firewall
2. Validate that SQUID is logging (Services | Proxy Server |) – Enable Logging (check) and keep the log store directory “/var/squid/log”
3. SSH into your firewall
4. Open a shell
5. (optional) I added nano as a text editor so I ran this command.

     pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/nano.tbz
   

6. Run the package command to add SARG (this retrieves the latest stable package for freebsd stable branch)

   pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8-stable/Latest/sarg.tbz
   

7. Now to configure SARG – You can start with the default config
   

    cd /usr/local/etc/sarg/     
   cp sarg.conf.default sarg.conf      
   nano sarg.conf

8. I actually created my sample from some other settings.  You can just copy and paste this into sarg.conf if you like

   #Locatoin of log files - from pfsense settings  
   access_log /var/squid/log/access.log     
   title "Squid User Access Reports - SARG"     
   graphs yes   
   graph_days_bytes_bar_color orange     
   #LOCATION of WEB PAGES  
   output_dir /usr/local/www/squid-reports   
   #Display usernames or IP  
   resolve_ip no   
   #Sort Order 
   topuser_sort_field BYTES reverse    
   user_sort_field BYTES reverse

9.   Run SARG for the first time.  This may take a bit to run depending on your system and how long you have log files for.

   cd /usr/local/bin     
   chmod +x sarg

10.   Configure the system to run the reports once a day using CRON. 

    #crontab -e    
    01 * * * *   root /usr/local/bin/sarg

11. To view the reports you will need to go to a specific url http://<your pfsense box>/snort-reports/

Here are some example reports: (ip’s blocked to protect the innocent )

LANDING PAGE

DAILY REPORT

INDIVIDUAL USERID (IP)

GRAPH OF INDIVIDUAL

I prefer SARG because of the graphs and the look and fee.  Let me know if you have any preference on reporting systems.

I have been having some performance issues with my home firewall.  Last year I upgraded my networking to use a Cisco e3000 running tomato firmware.  This configuration worked well when I paired it with an airport extreme to be the dedicated wireless access point.   I had moved to a dedicated wireless AP as we added more wireless devices in the house.  This also allowed for my wireless repeater/bridge in the office to have better connections.

Previously in 2009 I had used just a netgear router with DDWRT. This was quickly overpowered by the number of connections I have in my home.    I did a quick inventory yesterday to see what the kind of numbers were were talking about.  There are about 16 devices using my wireless:

• 2 Nintendo DS
• 2 tablets (ipad, etc..)
• 3 iPhones
• Tivo
• Windows Media center
• 2 wireless cameras
• wireless printer
• 3 Laptops
• Wii

To help with this issue I decided to build a more robust firewall router.  This would allow me to shape traffic better and add some QOS rules.  I tried a few versions of firewalls.

• Pfsense – http://www.pfsense.org/
• ipcop -  http://www.ipcop.org/
• untangled – http://www.untangle.com/
• m0n0wall – http://m0n0.ch/wall/
• smoothwall – http://www.smoothwall.org/

My original intent was to build a low power dedicated server for routing and firewall.  I chose an atom processer mini-itx board.  I’ll share the hardware info in another post.   I thought for sure that I was going to use smoothwall. I had some experience with it in the past.  Unfortunately I decided against it in the end.  I gave each a shot to be in stalled.  Overall, the untangled had the easiest install but I really never got it working.  It could have been that I configured the system behind my existing network, but I did not have a good experience once it was setup.

As I said earlier I had intended to use smoothwall.  The install did not go well initially.  I did not have a CD-ROM on my new system, so I tried to do a usb boot.   smoothwall somehow did not install properly.   I ended up getting a usb Cd-rom to do the install only to find out that one of the nic cards was not recognized.   I decided after that to give monowall a shot.   I got half-way through the monowall install and my Cd-Rom failed.   I was frustrated enough that I just decided to throw another package on it to try. 

I installed pfsense and have not looked back. It is a BSD based application and has been working perfectly.   I added a few packages to the system.  Ntop – to monitor bandwidth and systems.  SQUID proxy for proxying and tracking all web usage.

Overall, the usage of opendns and the proxy has significantly increased web performance at our house.

My wife went to a seminar today and came back with a good idea. That she and I should have an emergency contact card in our wallet. She also mentioned an ICE contact for our phones. I had not heard of ICE contacts, “In Case of Emergency” – here is a quick blurb from lifehacker – How to add an ICE contact to your phone

After some research I came up with a format for us to have a business card size emergency contact for us to carry. I used the Microsoft Word template called “pocket emergency contact reference.” You can download the template from the Microsoft office site

http://office.microsoft.com/en-us/templates/pocket-emergency-contact-reference-TC030001514.aspx

It is a quick and easy way to make an emergency contact card. I created one to put in my wallet, backpack, and bike bags. I typically carry my ID when I bike, but this would be valuable as well.

This new year I plan on blogging more.   For one reason, it is a good stress relief.   The other reasons revolve that I like to do it.    

To make the process easier I plan on utilizing Windows live writer.  The reason for using live writer is the simple ease of use and great layout functions it allows.   I currently use WordPress as my blog engine.  It is fantastic and I can’t say enough about this blog engine.  However, I find that writing in the small text window is difficult when attempting to add  a lot of content.  

Live Writer is basically a scaled down word processor.   It works seamlessly with WordPress and give you the ability to do offline writing.   I have used it in the past but did not make blogging that much of a priority. 

Here is a great overview of live writer from PCworld

http://www.pcworld.com/article/211388/windows_live_writer_makes_beautiful_blogseven_when_youre_offline.html

In more recent weeks I have noticed a trend of blogs to start using livewriter as the editor.  You can see the increase from builtwith.com trends

See this chart of how it has increased usage.

It is that time of year again.  Every December before the new year, I evaluate the technology I have.  I typically look at my laptop and determine if it needs to be upgraded first then look at my other machines.

This year I decided that my trusty ThinkPad T410 did not need to be replaced.  Instead it was going to get a few new items.  First an upgrade of RAM.  It had 4Gigs of ram and I just added 4 more to make 8Gig.  

When I purchased the T410 I also got a CD ROM replacement caddy. This allows for the CD/DVD to be replaced with a hard drive.  I am planning on ordering a SSD drive for the primary OS and then use the current Hard Drive as Data storage. 

I have also ordered a new device that I’ll be blogging about in the next few days.  I purchased a ASUS AT3IONT-I deluxe Intel ATOM motherboard from NewEgg.com.  It is a mini-itx motherboard that comes with an Atom processor and also a power supply.  The combo was a big deal for me.  I don’t plan on using a case for this, just wall mounting the board behind plexiglass.    This will be my new firewall / router.    I am currently deciding what firewall to run either untangled or smoothwall.  I’ll document the process once all the hardware arrives. 

My intent is to have a more powerful and useful device than those plastic blue devices that most people have .    More to come…

I am not a designer. In fact, I’m pretty bad with design. However, I can tell when something looks good. It is just my way of saying I appreciate good design, I just suck at it. Here is a great video showcasing how design (brands) work. This is great work done by Erica Gorochow

The Fundamental Elements of Design from Erica Gorochow on Vimeo.

It is that time of the year.  I love Christmas.  I just realized at work that the the only pictures of the kids I have are getting pumpkins and a Christmas tree (multiple years).   Yesterday we went and got the tree.  It is always a fun event, and we have had snow each year we go.  We have been going the same place for the last 6 years.   (buy local

In the spirit of things we have been listening to Christmas songs since ThanksGiving (my kids love them).  But here are a few of my favorites:
These are songs that I’ve just enjoyed for a while.

1. Merry Christmas from the Family (REK) – Fun song

2. Merry Christmas from the family (MG) – just a fun twist

3. Dido (Christmas Day)

http://www.youtube.com/watch?v=7heCppIC0_E&feature=related

4. Dave Matthews (Christmas Song) Live

5.
 

I’ve been cleaning up my work  area.  Not only my real desktop at work but also my computer desktop.  To help keep a cleanly system I decided to try Fences.

http://www.stardock.com/products/fences/

Nice little gem of an application.  Give it a try. It neatly organizes your icons or files on your desktop into specific areas.

I have seen some great online resources recently for .net development training.

Pluralsight is a fantastic resource: Some are free : MVC controller

http://www.pluralsight-training.net/microsoft/players/PSODPlayer.aspx?author=scott-allen&name=mvc3-building-controllers&mode=live&clip=0&course=aspdotnet-mvc3-intro

For beginners this one is fantastic:

http://mottishaked.com/training/dot-net-tutorial

Remote PC support has come a long way.  It used to be a long phone call and people would explain what they were seeing.  Then we added remote desktop sharing tools like VNC.  Now many sites and applications have these features.    I have discussed remote desktop sharing / support apps before - http://jimiz.net/blog/2008/07/open-source-applications/

Since then I have tried many versions.  Go2MyPC, webex, livemeeting, dimdim, view, and many more.   Recently on a family support call I decided to try two new ones.   I have recently been using go2assist (from citrix) however I decided to let my subscription run out and go back to open source.

Two players in this space.  join.me – a simple web site to allow you to share your screen. It was simple to use but not as intuitive as I would have liked.

I ended up using Microsoft’s SharedView.  Since I already had a live /hotmail account and so did my family member who needed help the requirments to use this tool were already set.

They basically went to http://connect.microsoft.com/site94  downloaded the application and ran the 3 step install.

After it is installed you can run the app and get a tool bar on the top of your screen.  Steps are simple.  Login, start or joine a session.    I was able to walk them through starting a session and quickly join them via email address in about 1 min.  If you are starting the meeting you just click the start a new session and you are presented with a link to email or a password to share (SIMPLE)

Thank you Microsoft for this great tool.   It is not as clean ad go2assist but very practical.

I came across this advertisement on a blog that I read about urban biking / commuting. I thought it was a pretty common sense advertisement. I think there is another that compares electric cars as well.

Original Link

http://urbanvelo.org/wordpress/wp-content/uploads/2011/10/reality.jpg

Schwinn s9five6 Commuter

I have started biking into work again.  It has been enjoyable and an interesting adventure.   This time around I’m using my commuter, a converted mountain bike (Schwinn S9five6 – Purchased in 1995).    This is one of my favorite bikes, I’ve had a great amount of fun over the years with this bike.   In the last 5 years it has sat in my garage gathering dust.

When I started commuting this year I was using my Fuji road bike.  I love that bike, it is fast, light and nimble.  However, using it for commuting became difficult.   The route I take to work takes me across 2 major roads.  One of those roads does not have bike path.   To accommodate I typically ride on the sidewalk.  The road bike does not handle the sidewalk that well.  Too many curbs and opportunities to pop a tire.

To make commuting easier I decided to use the Schwinn.  I have put Bontrager slicks on it and added some safety lights and flashers.   Other than the items above and adding a Roc Shock back in 1998 it is stock.

Over the last week it has been fun to ride to work.   Not having to worry about what I ride over; curbs, cracks and gravel.    Though I only ride 6.8 miles into work, it is about 30 minutes across a few busy roads and a few bike paths.

I typically don’t ride on a sidewalk, especially on the road bike but it is much safer earlier in the morning.   People don’t often look for bikers when they are driving into work.

If you have not tried to commute into work via bike, I would suggest trying it a few times.

I’m not a huge person on fashion but I do like watches.  I have always had a thing for a good watch.  The problem is how you define a good watch.  When I was younger it was the most features wins.  Stop watch, timer, multi time zones, etc…  Now I’m more focused on style and function.    For the last 3 years I have had a great dress watch and a great everyday / running watch.

Dress Watch:  Seiko Kinetic watch – my wife got this for me and I wear it for most dress occasions.  It is self winding when you move, so if it sits on the shelf it is not keeping time.  I don’t have a fancy winder, that moves your watch while you store it (some day I should get one).

About the same time my running watch an older Nike watch broke.  It was a Triax 50, the kind that had a tilted watch face.  It had a common flaw with the bands, they just somehow broke.   After my great luck with the nike watch, It looked good and functioned well.  I decided to find another.   I ran across a sleek looking watch at the Nike store in Chicago.  After I saw it I had to have it based on it’s look.    The Nike Torque watch was perfect, It looked good and

Nike Torque

could pass as a  dress watch, and functioned as a running watch.  I got more comments on the Nike torque than any other watch I’ve ever had.  People were always asking me who made the watch and what it did.  I think the square face that was dark made it look good.   The band on that was was the most comfortable I have ever had.   The down side was that the alarm was quiet.     Unfortunately  the watch broke when I was changing the battery.  The seal around the battery latch failed after 4 years of wearing it every day.    I have since tried to find this watch on ebay or any other site only to find that the prices are so inflated.  I think I originally paid $80 for the watch.   I recently saw one for sale on ebay for 200 (ebay) .   This little nike watch is by far my favorite.  The watch face was solid and did not seem to ever scratch.

My most current watch was purchased for both look and function.

Speedo Vibration Watch

I use my watch to wake me up almost all summer.   I purchased the Speedo Vibration watch.  It allows for the alarm to vibrate as well as beep.   This is great because I would not wake up the rest of the family with the alarm during the summer.  Overall this has been a pretty solid watch. However the face scratches easy.

In looking for my recent watch I was very interested in the new NIKE+ GPS watches.    They are a bit pricey but look and have GPS

Nike + GPS

build into them.   The issue  was both the cost and at the time I needed a watch Nike had sold out of the first batch.   I have yet to see anyone wearing one, but it is still on my radar.     In the last week I’ve read a few great articles on how the watch was thought to be dying because of cell phones.

These articles are pushing that watches may come back.  Look at the ipod nano watch band.   There is a new watch called i’m watch.  I’m excited to see this come.  It looks to run an android OS for the watch.

As you can see, I like watches.

I currently have many things that I would love to acquire.    Some of these I consider great design and others I find as great tools.

Seating:

Eames Aluminum office chair – a great office chair that is comfortable and also good looking:  http://store.hermanmiller.com/Products/Eames-Aluminum-Group-Management-Chair

Eames Lounge – I have  wanted this chair for years.  It would be a great addition to the house as both a show piece and also seating:  http://store.hermanmiller.com/store/servlet/dynamicKit__10151_-1_10051_1097?CAWELAID=846660089

Backpack – Waterproof backpack that would be great for commuting and work:  http://www.missionworkshop.com/products/bags/backpacks/rucksack/sanction.php

Backpack – Not as good looking as the mission backpack but the same function: http://www.amazon.com/Overboard-Liters-Premium-Waterproof-Backpack/dp/B004D13NCE

Commuting coat – Mission workshop makes some of the best looking functional items: http://www.missionworkshop.com/products/apparel/jacket/waterproof-orion.php

Digital Lock – A door lock that kids can use on the house, never leave a key lost: http://www.amazon.com/Schlage-FE595VCAM619ACC-Camelot-Keypad-Accent/dp/B000NJJ1TY

Stereo – I love hi-tech gadgets but this is just pure vintage goodness.  My father had the Pioneer SX-727.  I have been watching for a good version of this.  Pioneer SX-1010 - http://www.classicaudio.com/value/pio/SX1010.html

This is just a good list of things.  I will eventually get around to buying  a few of these.

I am on the verge of purchasing an ebook reader. I currently read most of my books on my iPad or iPhone. However I have found that in some cases this is not the most reliable readers.

I find my iPhone great because it is always with me. However it is not good in the Sun or the beach (sand). The iPad is a better experience but I typically forget it when we travel.

I have been looking at a book (non color ). I can get books from the library and it does ePub format. Though I use kindle on my iPhone and iPad I think this the better choice. The kindle may have the better system to purchase books bit I am cheap and the library does a good job.

In a similar topic here are some views regarding hard cover books and ebooks

http://m.cnet.com/Article.rbml?nid=20051201&cid=latest&bid=82&webref=reviews.cnet.com/8301-18438_7-20051201-82.html%3f

The cost of an ebook is as much or more than the hard cover. This is based onthe release date. I’m not against this. But I find the value difficult to stomach when the production of an ebook costs next to nothing and takes about an hour.