StrongVPN PPTP on DD-WRT – Source based routing

Update: Improved version posted here

I’m a StrongVPN customer, and just today I had a use case that required me to set up the VPN tunnel from my router and route only a specific host down the VPN.

Here is how I did it using these:

Do the following on your router:

Services->VPN

  • PPTP Client Options: Enable
  • Server IP or DNS name: <this is the IP of the VPN server, hostnames DON’T work>
  • Remote Subnet: <This is the IP that you receive from the VPN server; to get it, first connect on Mac/Win and check what IP you get>
  • Remote Subnet Mask: 255.255.255.0
  • MPPE Encryption: mppe required,stateless
  • MTU: 1450
  • MRU: 1450
  • NAT: Enable
  • Username: <This is your StrongVPN user ID>
  • Password: <This is your StrongVPN password>

Setup -> Basic Setup

Under: Network Address Server Settings (DHCP)

  • Static DNS 1: 216.131.94.5
  • Static DNS 2: 216.131.95.20

Security -> Firewall

  • SPI Firewall: Disable

Administration -> Commands

  • EDIT the INT and SOURCETOROUTE variables to suit and paste the following, then click ‘save firewall’. The IP specified in SOURCETOROUTE is the source IP that will be routed via the VPN.
    INT=ppp0
    SOURCETOROUTE=192.168.1.119
    # Build the script that is run in the background at the end
    echo "sleep 40" > /tmp/firewall_script.sh
    # NAT traffic leaving via the VPN interface and clamp the TCP MSS
    echo "/usr/sbin/iptables --table nat --append POSTROUTING --out-interface $INT --jump MASQUERADE" >> /tmp/firewall_script.sh ;
    echo "/usr/sbin/iptables --insert FORWARD --protocol tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu" >> /tmp/firewall_script.sh ;
    # Send packets from SOURCETOROUTE to routing table 200
    echo "ip rule add from $SOURCETOROUTE table 200" >> /tmp/firewall_script.sh ;
    # Table 200 gets a default route via the address assigned to the VPN interface
    echo "REMOTEIP=\$(ifconfig $INT | sed -n 's/.*inet *addr:\([0-9\.]*\).*/\1/p')" >> /tmp/firewall_script.sh ;
    echo "ip route add default via \$REMOTEIP dev $INT table 200" >> /tmp/firewall_script.sh ;
    echo "ip route flush cache" >> /tmp/firewall_script.sh ;
    sh /tmp/firewall_script.sh &
    
  • Reboot your router, then give it about 5 minutes and try it from the machine specified in SOURCETOROUTE
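
A check for the routing configured above, added here as an example and not part of the original post: it parses the output of ip rule show and ip route show table 200 and reports whether the SOURCETOROUTE host really leaves via the tunnel. The function names and the sample output are constructed for illustration, and the presence of awk on the router is an assumption.

```sh
#!/bin/sh
# Added example: confirm the policy routing from the firewall script is live.
# Table 200, ppp0 and 192.168.1.119 are the page's values; awk is assumed.
TABLE=200

# Reads `ip rule show` output on stdin; succeeds if SRC ($1) is sent to TABLE.
rule_present() {
    awk -v src="$1" -v tbl="$TABLE" '
        $2 == "from" && $3 == src && $4 == "lookup" && $5 == tbl { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# Reads `ip route show table 200` output on stdin; prints the default route's
# device, or nothing when the table has no default route.
default_dev() {
    awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# check_vpn_route SRC DEV RULES ROUTES
# Returns 0 if SRC leaves via DEV, 1 if the rule is missing, 2 if table 200
# has no default route on DEV. With no default route at all (tunnel down) the
# lookup falls through to the main table and the host uses the normal WAN.
check_vpn_route() {
    src=$1; dev=$2; rules=$3; routes=$4
    if ! printf '%s\n' "$rules" | rule_present "$src"; then
        echo "FAIL: no rule sends $src to table $TABLE"
        return 1
    fi
    got=$(printf '%s\n' "$routes" | default_dev)
    if [ "$got" != "$dev" ]; then
        echo "FAIL: table $TABLE default route is on '${got:-none}', not $dev"
        return 2
    fi
    echo "OK: $src is routed via $dev"
}

# Constructed sample output (10.0.0.1 is a made-up tunnel address).
SAMPLE_RULES='0: from all lookup local
32765: from 192.168.1.119 lookup 200
32766: from all lookup main'
SAMPLE_UP='default via 10.0.0.1 dev ppp0'
SAMPLE_DOWN=''

check_vpn_route 192.168.1.119 ppp0 "$SAMPLE_RULES" "$SAMPLE_UP"
check_vpn_route 192.168.1.119 ppp0 "$SAMPLE_RULES" "$SAMPLE_DOWN" || true
# On the router itself:
# check_vpn_route 192.168.1.119 ppp0 "$(ip rule show)" "$(ip route show table 200)"
```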

Activating the bundled PHP server on Mac OS X (Snow Leopard)

Here is what I did on OS X 10.6.2, assuming that you already have the bundled Apache web server running (if not, do this: Apple menu > System Preferences and click Sharing. Select the Web Sharing checkbox.)

1. Open up a terminal window and execute:

sudo nano /private/etc/apache2/httpd.conf

2. Uncomment the line:

LoadModule php5_module libexec/apache2/libphp5.so

3. Add the following to handle php files:

<IfModule mod_php5.c>
# If php is turned on, we respect .php and .phps files.
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
# Since most users will want index.php to work we
# also automatically enable index.php
<IfModule mod_dir.c>
DirectoryIndex index.html index.php
</IfModule>
</IfModule>

4. Restart the web-server:

sudo apachectl graceful

5. My root folder for my webserver is: /Library/WebServer/Documents. Create a PHP test file (e.g. phptest.php) which contains one line:

<?php phpinfo(); ?>

6. Test PHP: http://localhost/phptest.php

TinEye – Searching for images, with images

This is very different from Google image search or other traditional image search engines. TinEye crawls the web ‘fingerprinting’ images and adds each fingerprint to its search database. To search, you provide TinEye with an image, by either URL or upload; it fingerprints the image and compares it to all the other millions of images in its database to find matches all over the web. It even finds various variations of the image.

The video on their site explains it better, so check it out at www.tineye.com