Tuesday 27 March 2012

Dansguardian Log Analyser

I recently started to learn Dojo and thought that writing an application would be a fun way of doing so.

When writing a new web application I wanted to create something useful, so I reflected back to when I installed Dansguardian on the My Book Live.

After installation I found out there wasn't any good log analyser available (at least not outside webmin). So when deciding to write an application, the choice was easy. The application turned out to be "Dansguardian Log Analyser" which is based on Dojo and PHP.

As with my other small projects I published the final product on github for everyone's use.

Read on for details and installation instructions...


Details

There's three sections available:
  • Summary
    Shows a graph of today's usage.
  • Denied requests
    A list of today's denied requests. By clicking on a row it will open the denied page in the iframe below the grid.
  • Realtime log
    This simply tail the Dansguardian logfile to the browser. It displays all requests logged in the access.log from the time the tab is selected.


Screenshots



Installation

Download the package from here.
Copy dla/ directory to your web/proxy server running Dansguardian. (E.g. to /var/www/dla/)
Access it through: http://your.web.server/dla/

Notes

Make sure "logfileformat = 1" is set in dansguardian.conf
If "loglocation" is change from default, update getDansguardianLog.php with the correct path.


Thursday 1 March 2012

My Book Live with Squid and fakeauth

Next for the new My Book Live was to install and configure Squid. Since MBL runs Debian, it is fairly straight forward to get Squid up and running. But here we also want to setup fakeauth which complicate things a little bit.

The reason for using fakeauth is to authenticate users on a home network without the need for any central authentication database. It is far from secure, but for the sole purpose of identifying the user it is good enough.


Install Squid3
First we need to update the package repositories from where we wish to install.
Simply run the following in the shell:
echo 'deb http://ftp.us.debian.org/debian/ squeeze main
deb-src http://ftp.us.debian.org/debian/ squeeze main
#deb http://ftp.us.debian.org/debian/ sid main
#deb http://ftp.us.debian.org/debian/ experimental main' > /etc/apt/sources.list
Then execute the next line to update the local cache and install Squid 3:
apt-get update && apt-get -y install squid3
This will download and install Squid3 followed by starting it up listening on port 3128.


Install fakeauth
Fakeauth is part of Squid3 but it is not bundled with the installable package. This forces us to build it from source.

Let's start by installing dependencies:
apt-get -y install gcc g++ make patch
Next we download and unpack the source for Squid 3.1.6:
cd ~/ && apt-get source squid3
tar xzf squid3_3.*.orig.tar.gz && cd squid-*/
Below we build fakeauth with a patch required for the MBL:
./configure
cd compat/ && make
cd ../lib && make
cd ../helpers/ntlm_auth/fakeauth/
echo '279a280,281
>     // Fix for platform
>     auth->flags = le32toh(auth->flags);
282c284
<     debug("ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
---
>     debug("ntlmDecodeAuth: usr o(%d) l(%d)\n", le32toh(auth->user.offset), le16toh(auth->user.len));
' | patch fakeauth_auth.c
make
This would produce an executable file called fakeauth_auth in the current directory compatible with MBL.
Copy this file to Squid's library path to keep it all in one place:
cp fakeauth_auth /usr/lib/squid3/
chmod 755 /usr/lib/squid3/fakeauth_auth

Configure fakeauth
Fakeauth is a NTLM authentication helper which we configure in /etc/squid3/squid.conf by adding the following:
auth_param ntlm program /usr/lib/squid3/fakeauth_auth -S
auth_param ntlm children 5
auth_param ntlm keep_alive on
This will enable the module but won't restrict any users accessing the proxy.

At approx. line 760 add the following two lines to enable fakeauth module:
(Note that http_access deny needs to be above any other http_access allow to work properly)
acl dummyAuth proxy_auth REQUIRED
http_access deny !dummyAuth all
This basically tells Squid only to allow clients that support NTLM. This will only work for Windows users so additional rules needs to be added to allow other clients to bypass the authentication.

After restarting Squid (/etc/init.d/squid3 restart) the username should now appear in the logfile when using Squid as a proxy:
# tail /var/log/squid3/access.log
1221111156.178    170 10.0.0.9 TCP_MISS/204 351 GET http://www.google.com/csi? charlie DIRECT/74.125.237.112 image/gif





My Book Live not working with iTunes 10.5

I recently bought a My Book Live and wanted to use it as a streaming server for Apple appliances.
During initial setup there was a prompt for a new firmware which I installed straight away. Then after moving some music over to the shared drive, I tried to connect to it in iTunes which obviously failed.

After searching around for a while I found a lot of people experiencing similar issue with not only the MBL, but with a lot of other NAS' as well.
Amongst the suggested resolutions were:
  1. Make sure "Media Serving" option on the share was set to "All"
  2. Under Settings > Media > iTunes, execute the "rescan"

None of them worked, iTunes just showed the spinning wheel as it tried to connect.

Then spending a bit more time checking debug logs from forked-daapd (the iTunes Server) and the network traffic, everything looked good, it just wouldn't work.

Since the firmware already been updated, I didn't have much hope when visiting WD's support page to look for a new firmware to support the iTunes 10.5. Surprisingly there was a much newer version available. After installing it and the library was rescanned, it worked perfectly. Well, for music at least.
As it turns out the iTunes 10.5 and My Book Live currently only support streaming of music. For videos, iTunes 10.2 must be used.


Resolution
Install latest firmware (MyBookLive 02.10.09-124 : Core F/W).

For instructions on how to update the firmware, please follow the instructions provided by WD: http://wdc.custhelp.com/app/answers/detail/a_id/5735


Note
Clearly Apple is causing all these issues for the sole purpose of saying, "You should be using our products!". Time will tell if it is right or wrong.