Attention Toy Junkies and Hackers: Imagine a 14 ounce device the size of a five pound bag of sugar with a self-contained Wi-Fi server, web server, streaming audio player, MP3 player, RSS Feed fetcher, email reader, voice recognition, built-in RFID proximity detection, text-to-speech and speech-to-text capabilities and... wiggly ears, a VoIP belly button, a speaker, and blinking lights all over the place. It's a bird, it's a plane. No, it's a Nabaztag/tag. With a name like that, you know it has to be good. Nabaztag actually is the Armenian word for rabbit. And the Nabaztag/tag is the second generation of Violet's infamous WiFi Bunny... from France no less.
For those of you thinking about one of these fine critters as a Valentine's gift, let me just offer up a quote from someone near and dear to me: "If you'd gotten me one of those stupid bunnies for Valentine's, you'd be sleeping in your car." Yes, much to the chagrin of the Little Mrs., we've spent an entire week playing with Pat the Nerd. And, with the help of a number of similarly misguided souls from around the world, we've managed to turn this rabbit, uh, on its ear. Or is it the other way around? You see Pat costs $179 at ThinkGeek. But there's more to it. Violet, the bunny's proud inventor, is also proud of their connection service. Beginning Valentine's Day, Violet has a special surprise for bunny lovers. They'd like every bunny owner to pony up $6.95 a month (forever) to keep your bunny hopping. No more animal jokes, we promise! There still will be some free services such as time and weather information. And Violet will still let your bunny receive a whopping
14 15 messages a month. That's almost a whole 30-second message every couple of days! But, after that, it's Pay Per View time. Believe it or not, there already are hundreds of thousands of Nabaztags in the homes of our European friends. But the bunny lovers of the world are in for a little surprise in a couple weeks. Happy Valentines! Heh, heh.
Well, that was last week. Several projects have been underway for months on SourceForge to unearth the bunny's innermost secrets. They quickly discovered that the first generation bunnies had a severe limitation because of an extremely proprietary sound chip. The second gen Nabaztag/tag resolves that by supporting playback of industry-standard sound files. The other problem with the SourceForge projects was the Hobson's Choice of an either-or bunny. You could either connect to Violet's servers and enjoy their offerings, or you could venture out on your own by creating your own applications using your own server. Thanks to Olivier Azeau, you now can have your cake and eat it, too. In addition to being an adept PHP programmer, Olivier also happens to like bunnies. So he began the OpenNab project on SourceForge to build a PHP-driven Nabaztag/tag proxy. Just as the name implies, it transforms the WiFi Rabbit into an open source platform while maintaining your existing connection to the Mother Ship. Stated another way, by using the OpenNab proxy, you don't throw the baby out with the bath water. Instead, you get the best of both worlds: all of the free Nabaztag services from Violet plus all of the free open source apps that the rest of us can dream up. And, if you want to subscribe to Violet's monthly service plan, you can do that as well. It also opens the door for competitive server platforms to support the Nabaztag/tag for those that have no interest in building and supporting a server just to trick out your dumb bunny.
That, of course, is where a TrixBox Asterisk® server comes into play. In addition to getting a first-rate (free) PBX that will run on Linux, a Mac, or Windows (download links at top of the page), you now have the perfect platform for the OpenNab proxy. For our non-Asterisk readers, you don't have to use a TrixBox server to make all of this work... if you don't mind wrestling with Linux. Or, for the Windows platform, you might want to try WAMP5. The beauty of installing one of our TrixBox servers for the Mac or Windows platform is that you don't have to have a dedicated Linux server. You can run the TrixBox server in a window on your desktop, and you never need to touch the PBX if you don't want to. In short, a TrixBox server is an ideal development platform for projects such as this because all of the tools you'll need are already integrated into a turnkey appliance. In addition to a fairly complete Linux toolkit, it also includes an Apache web server with PHP and a voice synthesizer called Flite right out of the box so there's nothing to install... except OpenNab. We'll walk you through that installation, and we'll provide a couple of our reworked open source applications for your OpenNab-energized Bunny to get you started: weather reports for every U.S. city and a Yahoo Headline News Feed Reader. Then you can rip into our code and contribute some applications of your own to the cause. A few have already been contributed, and we'll post those on our new Wabbit Vittles web site in the next few days.
OpenNab Prerequisites. As mentioned, you'll need a server platform that includes a web server with PHP 4.4.3 or later and CURL, a text-to-speech voice synthesizer such as Flite (free) or Cepstral ($30), and an encoding utility in order to get much use out of the OpenNab proxy. The free TrixBox appliances include everything you'll need to get started.
Downloading OpenNab. Once you have your web server with PHP and CURL running, you're ready to install OpenNab. Start by downloading the OpenNab Proxy application from SourceForge. Unzip the file, and you'll have a folder named opennab with a version number. We're assuming it's 0.04, or some of the fixes below may not be necessary. There are several tricks to getting OpenNab installed and working reliably. We're going to walk through the TrixBox installation scenario. It's also possible to run this on a dedicated Linux machine or through a Linux hosting provider site, but it's considerably more complex to get all the pieces working as you'll quickly discover if you decide to try it. We've put up a demo system through our hosting provider, BlueHost, just to show it's possible. BlueHost incidentally happens to be the best AND the cheapest hosting provider on the planet if you ever have a need. Regardless of which route you take or even if you roll your own server, be aware that the two folders (vl and broad) both have to be copied into the root directory of your web server.
OpenNab Installation and Setup. In the case of a TrixBox installation, copy the vl and broad folders into var/www/html which is the web server's home directory. If you're using a hosting provider, copy the two directories into your root web folder, usually www or public_html with cPanel systems. Instead of Apache redirect commands, OpenNab uses ErrorDocument redirection to reroute traffic from Violet's servers to your OpenNab Proxy. So, if they don't already exist, create a .htaccess file in both the vl and broad folders: nano -w .htaccess after logging into your server as root (for TrixBox) or your accountname (for hosted servers) and changing to the proper directory.
In the vl folder, make sure you have the following line in a .htaccess file. This was missing in version 0.02 :
ErrorDocument 404 /vl/bc.php
In the broad folder, the following line should appear in .htaccess:
ErrorDocument 404 /vl/media.php
Next we need to modify the Apache config file on your TrixBox server so that it allows .htaccess commands to override Apache defaults at the directory level. This isn't required on most hosted systems since they already allow directory-level overrides. While still logged in as root on your TrixBox server, edit the Apache config file: nano -w /etc/httpd/conf/httpd.conf. Press Ctrl-W and search for AllowOverride None. Press Enter to execute the search. Leave this entry alone. Now press Ctrl-W and Enter again. Change this entry to AllowOverride All. What this does is allow .htaccess overrides on the /var/www/html directory and its subdirectories which is what we want since that's the root directory for the web server. Save your changes: Ctrl-X, Y, then Enter. Then restart Apache: apachectl restart.
Regardless of your server type, we need to create a few new folders to make sure OpenNab can successfully pass its startup tests. Just issue the following commands while logged in as root:
cd /var/www/html/vl/plugins/files_simpleplay (NOTE: Version 0.03 and 0.02 stored these files in /var/www/html/broad)
If you're using a hosting provider, you can ignore this step. On TrixBox servers, the web service runs as user asterisk unlike other Linux systems. We need to adjust the permissions on the folders we installed to be sure this user can read, write, and execute in these directory trees. So issue the following commands while logged in as root:
chown -R asterisk:root vl
chown -R asterisk:root broad
Finally, regardless of your server type, there was a little bug in version 0.02 that occurred if you happened to enter the MAC address of your bunny in upper case letters. This is fixed in version 0.03 and 0.04, but if you have the 0.02 version here's the patch:
nano -w burrow.php
Once the editor opens, cursor down to line 45 and add the strtolower function to the existing line so that the new line looks like this:
$this->fileName = 'burrows/'.strtolower($serialNumber);
Save your change: Ctrl-X, Y, then Enter.
Securing OpenNab. We highly recommend using a TrixBox server or some other Linux server behind a firewall for this project. Running OpenNab on the public Internet with or without a hosting provider adds all sorts of security implications. At a minimum, there are some changes we recommend you make to lessen the opportunity for abuse from outsiders. Insert index.php documents in the folders that don't already have such a document. Here's what each index.php document should look like:
echo " ";
The second tip is don't activate the logging feature in vl/config.php because it will compromise the MAC addresses of every rabbit that connects through your server... unless you password protect the vl/logs directory. Finally, remove the phpinfo.php file from vl/tests once you complete your testing as this reveals all sorts of information to someone that may be attempting to break into your server.
Testing Your Nabaztag/tag. There are two tests you need to perform to make sure your Apache server, PHP, and CURL are operating properly. Using a web browser, go to the following links using the IP address or fully qualified domain name of your OpenNab Proxy:
http://my.domain.com/vl/foobar should return: ERROR 404 from OpenNab
http://my.domain.com/vl/tests/ should return: 48 passes, 0 fails and 0 exceptions with a Green Bar
Configuring Your Nabaztag/tag to Use OpenNab. Once you've passed the testing with flying colors, it's time to activate the OpenNab Proxy. Step 1: Get your tag/tag functioning reliably with Violet's server first. If you need help, here's a link. Before connecting through OpenNab, you'll also need to write down either the IP address of your TrixBox server on your internal LAN or a fully-qualified domain name that points to your web site on the Internet if you're using a hosting provider. So the syntax for the entry you're about to make should look like one of the following using your correct IP address or domain name:
wabbitvittles.com/vl (This one actually works if you'd just like to try things out without installing any software.)
Once you have your entry in hand, unplug your rabbit. Press and hold down the top button and reconnect power to your rabbit. As soon as all four front lights turn blue, release the button. This usually occurs in less than one second if you have an Internet connection. If you hold the button down too long after the lights turn blue, you'll need to start over. Now count slowly to twenty. From a wireless PC or Mac on the same subnet as your rabbit, open the Wireless Networking window and select Nabaztagnn as your WiFi host. The nn will match the last two numbers of the MAC address on the bottom of your rabbit. Count to twenty again and then open the following page with a web browser: http://192.168.0.1/. Click on Click Here to Start link. When the next page displays, click Advanced Configuration. You shouldn't have to change anything except the very bottom entry on the form which reads r.nabaztag.com/vl. Replace that entry with the entry you wrote down above and Save your change. This will reboot your bunny, disconnect you from the wireless connection, and restart your bunny using the OpenNab Proxy. Now is a good time to reconnect your PC or Mac to a functioning wireless network! The lights on your bunny will start out orange and then should turn green and go away after the bunny wiggles his ears. When properly connected, you'll have the glowing purple light on the bottom of the bunny and no other lights lit... just as you had when connected directly to Violet's server. Congratulations! You now have an operational OpenNab Proxy.
But What Can It Do? If you'd like to try all of this through our OpenNab Proxy first, then go through the configuration step above using wabbitvittles.com/vl as your proxy address. Once your bunny springs to life, here's a simple test to make sure everything's working. Write down the MAC address of your bunny. Then open a web browser and go to the following link substituting the MAC address of your bunny for the string of zeros, of course. You can also pick any other city and state in the United States... as long as they really exist. This demo system uses Cepstral's Diane 8kHz English voice. There are many others available. You can try them out here.
The Cepstral voices on our demo site are nice, but we don't find them to be appreciably better than the default voice installed with Flite. Flite also happens to be free and is bundled in the TrixBox servers we recommend. There's also the hassle of finding a conversion utility to get the text into a format that your bunny can decipher. All of these tools come preconfigured on the TrixBox systems. Hint!
OpenNab Applications. We're going to contribute several OpenNab applications to get you started today. Before you can use them, you'll need a TrixBox server or a garden-variety Linux server if you know what you're doing. If you roll your own, install Flite or Cepstral to handle text-to-speech conversion and a conversion tool to get the files into a format your bunny can decipher. You can look through the last couple dozen lines of code in the applications to figure out what you need.
Cepstral Installation. The only trick to installing Cepstral is choosing a good voice. We've had better luck with the "telephone voices" which are 8kHz, but you can try out all of them here. We'd recommend you begin by downloading the Diane-8kHz voice for Linux and get it working first. You don't have to buy it unless you like it! Once you download it, log into your TrixBox/Linux system as root, and issue the following commands using the voice name associated with your download:
[copy your download into the /cepstral folder now]
tar xvsf Cep*
When prompted for the installation path, use /nerdvitt. Just to make sure you have a link to the application in your path, execute the following command:
ln -s "/nerdvitt/bin/swift" /usr/local/bin/swift
When you decide to buy a license ($30), you'll get an activation key. You activate it by issuing the following command (while logged in as root!) and filling in the blanks using the same name you used when you purchased the license:
swift --reg-voice -n Diane-8kHz
Installing OpenNab Applications. First, you'll need to download the desired applications. Assuming you want all of them, just execute the following commands after logging into your TrixBox server as root:
Once you've unzipped the files, you'll need to edit each .php file to configure it. For the weather, edit the following file: nano -w opennab-weather.php. The configuration changes begin at line 37:
if (strlen($city)==0) :
$city="Charleston, South Carolina";
if (strlen($SN)==0) :
$SN = "000000000000";
Choose a default city to replace Charleston, South Carolina, e.g. Atlanta,GA is fine for the syntax. Enter the serial number ($SN) of your rabbit to replace 000000000000. If you're using a TrixBox server, the $WebRoot and $BinRoot entries are fine. These are the root directory of your web server and the location of the Cepstral executable. Replace the $ProxyAddress entry of 0.0.0.0 with the IP address fully-qualified domain name of your TrixBox/Linux server. If you plan to use Flite for speech synthesis, nothing else needs to be changed. If you're using Cepstral, change $UseCepstral=false to $UseCepstral=true. Don't delete the semicolon at the end of the line! If you're not using the Diane-8kHz voice with Cepstral, enter the file name of your voice surrounded by quotation marks. Save your changes: Ctrl-X, Y, then Enter.
Now edit the opennab-news.php file: nano -w opennab-news.php. Beginning at line 18, you'll find the configuration settings:
if (strlen($category)==0) :
if (strlen($SN)==0) :
$SN = "000000000000";
Choose a default news category to replace topstories. Available choices include: topstories, us, world, iraq, world, mideast, politics, business, health, science, technology, showbiz, mostviewed, mostemailed, mostblogged, highestrated, adventures, obits, hotzone, nasashuttle, sept11, oped, oddlyenough, and many others. Here's the complete list of Yahoo RSS Feeds. Enter the serial number ($SN) of your rabbit to replace 000000000000. If you're using a TrixBox server, the $WebRoot and $BinRoot entries are fine. These are the root directory of your web server and the location of the Cepstral executable. Replace the $ProxyAddress entry of 0.0.0.0 with the IP address fully-qualified domain name of your TrixBox/Linux server. If you plan to use Flite for speech synthesis, nothing else needs to be changed. If you're using Cepstral, change $UseCepstral=false to $UseCepstral=true. Don't delete the semicolon at the end of the line! If you're not using the Diane-8kHz voice with Cepstral, enter the file name of your voice surrounded by quotation marks. Save your changes: Ctrl-X, Y, then Enter.
Running the Weather Application. There are several ways to run each of these new applications. The weather application can be activated using a web browser using the IP address of your TrixBox/Linux server:
The application also can be run from the Linux command line after logging into your server as root:
php /var/www/html/vl/api_demo/opennab-weather.php city=Charleston,SC
Using the command line syntax, you also can schedule the application to run automatically at various times of the day using a crontab entry. For example, the following entry could be added to /etc/crontab to kick off a weather bunny report at 29 minutes after the hour beginning at 6:29 a.m. until 8:29 p.m. every day:
29 6-20 * * * root /etc/weather.sh
For the /etc/weather.sh script, simply copy the above line to the script and make it executable:
echo php /var/www/html/vl/api_demo/opennab-weather.php city=Charleston,SC > /etc/weather.sh
chmod +x /etc/weather.sh
Running the News Application. The Yahoo News application can be run in much the same way. It could be activated using a web browser using the IP address of your TrixBox/Linux server:
The application also could be run from the Linux command line after logging into your server as root:
php /var/www/html/vl/api_demo/opennab-news.php category=topstories
Using the command line syntax, you also could schedule the application to run automatically at various times of the day using a crontab entry. For example, the following entry could be added to /etc/crontab to kick off a news bunny report at 1 minute after the hour beginning at 6:01 a.m. until 8:01 p.m. every day:
01 6-20 * * * root /etc/news.sh
For the /etc/news.sh script, simply copy the above line to the script and make it executable:
echo php /var/www/html/vl/api_demo/opennab-news.php category=topstories > /etc/news.sh
chmod +x /etc/news.sh
Finding the Latest Nabaztag Applications. Well, that should get you started with OpenNab. And we'll be adding more and more applications in the weeks ahead as others begin to contribute as well. It seemed a fitting time to dedicate a new web site to our non-furry friend so... Welcome to Wabbit Vittles. If you have a contribution to add, just send us a message, and we'll be glad to host it for you. You'll also want to check out the terrific new Nabaztalk Forums for late-breaking tips and tricks. Enjoy!
For those that have been sleeping under a rock these past few months, you may not have heard of a little company called FON Technology which has been seeding the world with low-cost WiFi hotspots by giving virtually anyone with a broadband connection a dual port WiFi router for $5 U.S. or €5 in Europe. If you were lucky enough to be in San Francisco last week, all you had to do was show up to get a free one. The router provides a private, secure WiFi network for your home or office while providing a public port for others to use at little or no cost.
Those who install the FONera WiFi router get a choice of getting half the $3 per day proceeds for each user that connects through their router or getting free WiFi access through all other FONera routers throughout the world. There currently are over 100,000 routers deployed. Over 4,000 more were ordered just last week. That’s the good news. The bad news is that, despite substantial venture capital funding recently from Google and Skype, FON has decided to discontinue the €/$5 program. Beginning November 8, the price of the Wi-Fi routers will increase to $29.95 in the USA and 29 euros in Europe. So here’s your technology hint for this week: ORDER YOUR €/$5 FON ROUTER by visiting their web site. And do it NOW! If you snooze, you lose on this one.
The router is about the size of a pack of cigarettes and has excellent range. We ordered one last week and received it in a couple days. Installation was a snap. And it works as advertised. For Mac users, you will need the latest Airport firmware to use the private network. You can even download the source code for use on other Openwrt-compatible routers if that’s your thing. For a map of currently deployed FON routers around the world, click here. For additional information, visit WiFi Net News or c|net or GigaOM.
Getting Wi-Fi to play nice is another one of those grammatically incorrect, but thorny Linux problems that Asterisk® inherits because of its roots. In the Windows and Mac worlds, we've become accustomed to plug-and-play for things like Wi-Fi USB sticks, but it ain't that easy with Linux unfortunately. Once you get the right device, this project will take you less than 30 minutes to complete. But we've invested almost a week getting everything to work ... so you won't have to. If the Linux community ever wants to see Linux used as a desktop PC, this piece of the puzzle needs some work! Even with the correct hardware and drivers, there is virtually nothing available on either the net or in the 1,000 page Linux tomes that makes this project simple. Admittedly, we're anything but Linux gurus, but we can read. And it shouldn't be this hard to find the answer to the following simple question: how do I set up a WiFi connection on my Linux box. Now that we know how, we would hasten to add that you shouldn't have to bury code in numerous obscure places in the operating system and issue dozens of unintelligible Linux commands to make a Wi-Fi adapter come to life! So, why do it, you might be asking. Keep reading, and we'll get to that.
Who needs it? Anyone in the emergency preparedness and continuity of operations business oughta have a WiFi PBX in their suitcase! Can you spell K-A-T-R-I-N-A. And if you or your organization wants the flexibility of an instant, high performance telephone system on a moment's notice, then WiFi is a must-have. Ever been to a convention with your entire office but didn't want to leave all your phones behind? Now you don't have to. Using Wi-Fi IP phones, this entire phone system can be deployed WITH NO WIRES using a battery-operated notebook computer or, better yet, a small-footprint PC (see inset) plugged in to a $200 generator or a low-cost UPS if electricity is flowing. And someday we may get Asterisk running on our Nokia 770, but not this year.
What to Use. The easiest solution for Voice Over Wi-Fi is a WiFi USB stick and an Asterisk@Home server. Why USB? Because you can use it with almost any modern PC on the planet without having to install a card in the machine. There are now close to two dozen different WiFi sticks available at stores such as CompUSA, MicroCenter, and Fry's. The only problem is the scarcity of Linux drivers for ALL of them. Luckily, there is one chipset that works without a dog-slow Windows driver emulator (such as ndiswrapper): the ZD1211 chipset. Both the Safecom SWLU-5400 and SWLUZ-5400 have this chipset. The real beauty of this USB adapter is that it can function as a host in an Ad Hoc Wi-Fi network, or it can be configured in Infrastructure Mode to take advantage of an existing Wi-Fi access point serving as a Master. The device also can be configured as a Master or Repeater and supports both WEP and WPA encryption as well as 802.11B and G. Bottom line: This WiFi stick has the flexibility to function in virtually any type of existing or newly created Linux Wi-Fi network. That was our theory anyway. Read on.
Where to find one. Finding the right product turned out to be the easy part. If you're in the U.S, the more difficult task is finding a USB adapter with this chipset. In Europe, they're a dime a dozen. While they are FCC approved and include a chipset manufactured by Texas Instruments, they're almost impossible to find stateside. One possible source is eBay. Search for Safecom USB WiFi and be sure to check the Search title and description box. There's almost always at least one for sale. If not, check back in a day or two or request an email when one is listed. With shipping, you should be able to find one from various U.K. distributors for about $30. Be sure the ad states that the product uses the ZD1211 chipset, or you're wasting your money. NEWS FLASH: IOgear now makes the GWU523 which reportedly has the same chipset (although we have not actually tested one). Here's the PriceGrabber link of sources. One that we now have tested with the same chipset is AirLink's AWLL3026 which is on sale this week at Fry's or Outpost.com. If you get in a crunch and can't find one, contact us. We have a few spares (not on sale) that were used only to verify that they worked.
Wi-Fi Deployment Issues. There are many ways to deploy a Wi-Fi network and adding an Asterisk PBX to the mix just multiplies the number of available choices. To keep things simple, we've chosen what we believe is the easiest approach, but your needs may vary so we'll point out other options as we go along. We're assuming you have an Asterisk@Home 2.2 server already running because it's the easiest way to deploy Asterisk on the Linux platform. CentOS/4 is built right in. Here's our 90-minute step-by-step guide if you need it. We're also assuming you have a WiFi access point or router (802.11B or 802.11G) already in place and working with at least one wireless device. If not, start there and come back.
Our Wi-Fi lab (aka home) and test server for this project may or may not be typical. The PC is an EZgo which is roughly the size of a Mac mini or about 4 stacked CD cases (see inset above). You can see the USB stick hanging out the back of it. It's only about 2 inches long. And, yes, I hear someone asking, "Why not just use a Mac mini?" The short answer is that, while Asterisk runs on the Mac, it's no walk in the park. And, by the time you build a Mac system with the tools bundled in Asterisk@Home and get them all talking to each other, even my kids may be out of college. Let's just say you will quickly come to appreciate the real beauty of Asterisk@Home. For another painful approach to building a small-footprint Asterisk system, check out Tom's Networking. No, thanks.
We have a fairly large house so we have a WiFi router at one end and a Wi-Fi access point at the other. The two devices are hard-wired together with a 100 megabit, CAT5 network cable so they're both on the same network segment: 192.168.0.1 through 192.168.0.254. Several dozen devices are scattered around the various rooms on the three levels of the house to keep me entertained but mostly to keep me out of the Little Mrs. hair. A burglar's paradise, you might be saying ... well, yes, except we'd get your picture on the way in and out.
The ESSID on both WiFi Masters is the same: MundyLANd. You need this setup for moving around a large WiFi network. The trick is that one unit operates on WiFi channel 1 while the other is set to channel 11. That way the signals don't step on one another, and your client device has the smarts to transparently switch from one access point to the other when it needs to... much like cellphones moving between cellphone towers. For purposes of this article, we will assume that your devices operate with 128-bit WEP encryption since it's the easiest to configure. Note: We didn't say WEP was secure. We just said it was easy to configure.
In the middle of the house, we have a new addition from Santa, a Sony wireless TV that operates as a Master on WiFi channel 6. We'll have more to say about it in a future column. And, yes, we still hate Sony after their rootkit fiasco! But Santa didn't know any better, and who are we to turn down free toys. Why is it that Sony never acted this way until an American took over the top job at the company? I'm sure our European and Asian readers will have a quick answer.
For now, what you need to know is that our home maxes out ALL of the existing U.S. WiFi channels, much to the chagrin of our closest neighbors. Because of the overlap between Wi-Fi channels, the only practical channels to deploy are 1, 6, and 11. This becomes important for this project because we want to make sure the new Linux Wi-Fi dongle plays nicely by not using an intermediate channel or, worse yet, the Sony WiFi channel (6) which doesn't provide access to the Internet without knowing a different ESSID and password, both of which are about as long as your arm.
The reason for this lengthy diatribe was to lay the groundwork to get you thinking Wi-Fi, and it also exposed the only technical wrinkle we observed in this project. When configured in Managed mode, the Safecom USB WiFi adapter is supposed to seek out the nearest access point and set itself to that channel. It doesn't. Our experience using this Linux driver with CentOS/4 which is bundled with Asterisk@Home 2.2 has been that this rarely works as it should. The channel selection appears to be almost totally random. When the device sets itself up on the wrong channel, all sorts of ugly things can happen. For openers, you probably won't get the network connectivity you expect. Many of the Macs and PCs in our house couldn't talk to the WiFi-enabled Asterisk box until we got the adapter correctly set to the channel of the nearest WiFi Master, channel 1 in our case. Obviously, if the device configured itself for Channel 6 or a nearby channel, we were out of luck ever talking to the box. That turned out to be a headache, but we'll show you a little discovery we made that makes it less painful. Just be aware that this may be a manual drill each time you reboot the WiFi Asterisk server or move it (not often, if you're smart!). We've had much worse luck with Windows PCs and WiFi devices over the years, so this really wasn't a deal breaker in our book. Connectivity works. The Linux driver works. Encryption works. And the phones ring. Those were the critical pieces in this puzzle from our perspective. Now on with the countdown!
Downloading the Linux WiFi Driver. After obtaining the hardware device, the next step is finding a Linux driver for it. There happen to be two, and someday when our hair grows back, we may try the other one. In the meantime, you'll need the Linux zd1211 driver which is available from SoureForge. Just find the site closest to you and download the compressed tarball from here. Here's where you'll find the other one just in case someone else enjoys water torture. Wasn't that easy? Well, not so fast.
Once you unzip and untar the driver bundle (tar -zxvf zd1211-XXXX.tar.gz), you'll find a README file which is actually pretty good. It only leaves out one little thing: the device name of the WiFi dongle on your Linux box. The answer is wlan0 (that's a zero on the end) so write it down. You're going to need it ... a lot!
Compiling and Installing the WiFi Driver. Now we're getting to the fun part. We're assuming you will be installing this on a freshly installed Asterisk@Home 2.2 system built using the ISO image. You can read all about how to do that here. Will it work with another version of Asterisk@Home? Maybe. Try it. Heh heh! This isn't the Windows or Mac world so drivers have to be compiled for the Linux box on which you wish to run the software using the Linux kernel that was in place when you compiled the software. So, here's gotcha #1. If you ever get an updated kernel with CentOS/4 (as you will when you run yum -y update after installing Asterisk@Home 2.2), you will need to repeat this drill and recompile and reinstall the driver. HINT: Run yum -y update on your Asterisk@Home 2.2 server before continuing! Now you see why Linux folks aren't overly enthusiastic about kernel upgrades.
To begin the WiFi driver install, just rename the downloaded driver folder from SourceForge to zd1211 and copy it to a safe place on your Linux machine while logged in as root, e.g. /root works great. Now switch to that folder (cd /root/zd1211) and issue the following commands to compile and install the driver:
Once this finishes, you'll need to manually load the driver. The README has some pretty good hints about this, but no cigar. Finding the correct answer requires that you first know the question to ask: find / -name *zd1211*.ko. This tells us where to find the little cream puff we want to load. Keep in mind that the "answer" will be different each time the Linux kernel version changes. If you're not running 2.6.9-22.0.1.EL, then this won't work. So how do you know which kernel you're running? Just type this simple (but obscure) command: uname -a. Now let's load the USB driver:
Once you've loaded the driver, we need to be sure it really, really is loaded: lsmod | more. Just scroll down the list with the enter key until you see an entry that starts with zd1211. Then press q to quit lsmod.
zd1211_mod 191876 0
Are we there yet? Why no, we're just getting started. Isn't Linux fun!
Firing Up the Wi-Fi Adapter. Actually, we're closer to being finished than you may have thought. There are just a couple more steps. We want to manually make sure things are working. Then we'll need to configure Linux to automatically load the WiFi driver each time you reboot your system. You'll find it's easier to get the kinks out of network drivers by first doing things manually, and then recording what you've done for posterity. For openers, you'll need an IP address for this WiFi adapter. That address obviously needs to be on the same subnet as the access point with which it will be communicating. For purposes of this example, we've chosen 192.168.0.77 on the subnet of our WiFi router which has IP address 192.168.0.1. YMMV. You also need to know some other things such as the subnet mask, the router's IP address, and an IP address for your DNS (name) server, but we'll get to that. Once you've chosen an IP address, let's fire up the adapter and then check to be sure it's running:
ifconfig wlan0 192.168.0.77
ifconfig | more
You should get a response that looks something like this:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12146 errors:0 dropped:0 overruns:0 frame:0
TX packets:12146 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:985362 (962.2 KiB) TX bytes:985362 (962.2 KiB)
wlan0 Link encap:Ethernet HWaddr 00:E0:98:F2:BB:40
inet addr:192.168.0.77 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:98ff:fef2:bb40/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10638 errors:0 dropped:0 overruns:0 frame:0
TX packets:3483 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:1301983 (1.2 MiB) TX bytes:335569 (327.7 KiB)
You'll see that wlan0 is in the list, and it has the IP address that we assigned. That's good news. You'll also note that there is no eth0 device shown even though our machine has an Ethernet adapter built into it. This is another little gotcha to keep in mind. Make sure, if your box has an internal Ethernet adapter, that you configure the main adapter to use DHCP to obtain its address. You do this by issuing the command netconfig and using the space bar to choose Use Dynamic IP Configuration. Then tab to OK and press Enter. The reason for this is very important. Lots of Linux software makes the assumption that eth0 is the default network adapter if it happens to be running. So we want to make sure it isn't running by unplugging the Ethernet cable before booting the machine. If you have a fixed IP address for eth0, then it will load eth0 whether a cable is connected or not. If you configure eth0 for DHCP, then eth0 will not be loaded unless an IP address can be obtained from a DHCP server. With the cable unplugged, you're pretty safe. So, if your machine is showing an eth0 device, reconfigure eth0 for DHCP, and reboot the machine. Then reissue the ifconfig command after logging back in as root. When your display shows two network devices like ours (loopback and wlan0), you're ready to proceed. Another clue: When Asterisk@Home starts up and you log in to your server, it normally tells you the IP address for accessing the Asterisk Management Portal using a web browser. This gets broken when you're using a Wi-Fi adapter that isn't on eth0 because Andrew's setup is merely regurgitating the IP address of eth0. Don't worry! It still works when you enter the correct IP address of your WiFi adapter.
Configuring the WiFi Adapter for Your Wi-Fi Network. Now that we have the WiFi adapter running, we'd like it to communicate with the WiFi network in our home or office. You obviously have to have a WiFi network up and running in your home or office for this to work. But we'll assume you've taken care of that little detail. 25+ years in the technology business has taught me to restate the obvious once in a while just in case something isn't quite as obvious to others. What we'll need now is the name of your WiFi network, the ESSID. And we need to know the channel on which your nearest WiFi access point is broadcasting. Finally, we need a way to identify this access point if you have more than one. Lucky for us, there's a Linux command that will tell us everything except your WiFi WEP password if you're using WEP encryption on your wireless LAN (you are using some sort of encryption, aren't you?).
iwlist wlan0 scanning
You'll get a result that looks something like the following:
wlan0 Scan completed :
Cell 01 - Address: 00:06:25:55:C4:E3
Frequency:2.412GHz (Channel 1)
Quality:68/92 Signal level=54/154 Noise level=0/154
Cell 02 - Address: 00:01:4A:10:EE:60
Frequency:2.437GHz (Channel 6)
Quality:4/92 Signal level=35/154 Noise level=0/154
Cell 03 - Address: 00:09:5B:2A:A2:AC
Frequency:2.462GHz (Channel 11)
Quality:4/92 Signal level=36/154 Noise level=0/154
Here's where things get a little buggy. You're supposed to be able to set the the ESSID, the broadcast Mode, the access point and the WiFi channel for the zd1211 using the Linux iwconfig tool. As mentioned previously, in standard Managed mode (meaning you'll be connecting to an Access Point on your WiFi network), you have no control over the channel or the access point. The theory was that the adapter would set itself automatically. Unfortunately it doesn't although your mileage may vary if you have only a single access point within range of your zd1211.
As we indicated on the front end, our WiFi network is somewhat atypical. So the best solution for you is to execute the following commands and see what happens on your own wireless LAN:
ifconfig wlan0 192.168.0.77 (use your designated IP address)
iwconfig mode Auto
iwconfig wlan0 essid "MundyLANd" (use your ESSID)
iwconfig wlan0 key F57EC678F1B061BAC59EC593EFE (use your WEP key)
iwconfig mode Managed
iwlist wlan0 scanning (reports the cell numbers of each access point in range)
iwpriv wlan0 connect 01 (use the cell number of the access point closest to your zd1211)
Now go to another machine in your network and see if you can ping your WiFi Asterisk@Home box:
ping 192.168.0.77 (use the IP address of your WiFi AAH machine)
If you're successful, great! Reboot your WiFi AAH machine and repeat the test. If it works twice, you're probably safe skipping the next section.
Forcing the WiFi Adapter to a Specific Access Point and Channel. If you're getting random results with the above approach, then here's the solution that works. Unfortunately, it requires a set of eyeballs each time you reboot your system unless there's only one access point within range of your Asterisk Wi-Fi box:
ifconfig wlan0 192.168.0.77 (use your designated IP address)
iwconfig mode Managed
iwconfig wlan0 essid "MundyLANd" (use your ESSID)
iwconfig wlan0 key F57EC678F1B061BAC59EC593EFE (use your WEP key)
iwlist wlan0 scanning (reports the cell numbers of each access point in range)
iwpriv wlan0 connect 01 (use the cell number of the access point closest to your zd1211)
iwconfig (should show the MAC address of the access point from step above)
iwlist freq (should show the channel in use that matches your access point's broadcast channel)
To be sure you have connectivity on your local area network, issue this command: ping 192.168.0.1 using the correct internal IP address of your own router/firewall.
This setup should work every time except you have to manually look at the results of the scanning report to decipher the proper cell number because the order of the list can change each time you run it. If only one access point is reported, you're in luck! Just test it several times to be sure. Once you're sure, you should be safe in executing the iwlist wlan0 scanning command followed by iwpriv wlan0 connect 01. Don't skip the scanning step, however, as this appears to "prime the pump." One other word of warning: don't execute the scanning command without first assigning an IP address to wlan0 using ifconfig, or you'll get an unrecoverable kernel panic.
That about covers all the gotcha's. The important lesson here is to get the network connectivity stable before you automate the process so that it autoloads when you boot your system. If you can't get stability in the channel and access point connectivity, at least make certain that you understand the limitations of your solution before making things automatic.
Adding Internet Connectivity. We haven't mentioned getting out to the Internet yet. For that to work, you'll need access to a name server (aka DNS). Here's another little Linux "feature" to bite you. The interactive mode of netconfig is designed to handle the eth0 interface. To get things working on the wlan0 interface, issue a command like this:
netconfig --gateway=192.168.0.1 --ip=192.168.0.77 --nameserver=18.104.22.168 --netmask=255.255.255.0 --device=wlan0
Be sure you adjust gateway (IP address of your router); ip (IP address of your new Asterisk box); nameserver (from a Mac or Windows machine: here's how to find it; on a Linux machine: nslookup mundy.org returns your DNS server's IP address on first line following Server:; netmask (you can find this with iwconfig); device=wlan0 (leave this alone). By the way, you only have to execute this command once, not every time you boot your system.
To make sure you've got Internet connectivity now, issue this command: ping novell.com. You should get a response showing the IP address of Novell's server. If not, check your entries above and try again.
Activating WiFi on Startup. One last piece and we're finished. We obviously want to activate WiFi connectivity on bootup and, if you only have one WiFi access point and no neighbors like me, you shouldn't have to manually tweak your system thereafter. As we stated initially, this ain't your daddy's Windows or Mac machine, so where to put what isn't quite obvious. You're also going to need to do this in two boot cycles because there are two separate pieces. If the second piece works and the first one doesn't, you'll get a seg fault and crash every time. Do you need to ask how I know?
Step 1: While logged in as root, create the following new file: nano -w /etc/sysconfig/network-scripts/ifcfg-wlan0 using your IP address, netmask, and gateway settings from the netconfig drill above:
When you're finished adding the above commands, save the new file: Ctrl-X, Y, the press Enter. Now reboot your server: shutdown -r now. Once the system comes back up, log in as root, and issue the following command: ifconfig. Make sure that the display shows an IP address (inet addr) for your wlan0:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:425 errors:0 dropped:0 overruns:0 frame:0
TX packets:425 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:32582 (31.8 KiB) TX bytes:32582 (31.8 KiB)
wlan0 Link encap:Ethernet HWaddr 00:E0:98:F2:BB:40
inet addr:192.168.0.77 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:98ff:fef2:bb40/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:976 errors:0 dropped:0 overruns:0 frame:0
TX packets:592 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:91331 (89.1 KiB) TX bytes:75930 (74.1 KiB)
Step 2: While logged in as root, edit the following file: nano -w /etc/rc.d/rc.local. The existing file should look like the following. You'll note that this is where Asterisk@Home is actually started on bootup so be careful with your typing.
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
/usr/local/sbin/motd.sh > /etc/motd
Above the touch line, add a couple of blank lines and then cut-and-paste the following code using your ESSID and the password of your wireless LAN:
/sbin/iwconfig wlan0 mode Auto > /dev/null
/sbin/iwconfig wlan0 essid "MundyLANd" > /dev/null
/sbin/iwconfig wlan0 key F57EC678F1B061BAC59EC593EFE > /dev/null
/sbin/iwconfig wlan0 mode Managed > /dev/null
/sbin/iwlist wlan0 scanning > /dev/null
/sbin/iwpriv wlan0 connect 01 > /dev/null
Leave the mode Auto line alone. On the essid line, enter the name of your WiFi LAN in quotes. If you're using WEP encryption on your wireless LAN, enter the hex key in the next line. Otherwise, just delete the line: Ctrl-K. Leave the mode Managed line as is. Leave the iwlist scanning and iwpriv lines the way they are. Now save your changes: Ctrl-X, Y, then press Enter. Reboot again: shutdown -r now. Log in as root. Then issue the following commands:
The iwconfig command will tell you if you're connected to your Access Point and also indicate the Frequency (which tells you the channel your zd1211 is on). The iwlist freq decodes frequencies into channels and tells you which one you're talking on. If it's the same as the default channel on your access point, you're done. If it's not, run the command iwlist wlan0 scanning command again and eyeball the cell number which matches your access point. Then reset the channel by issuing the following command with the cell number you deciphered instead of 01: iwpriv wlan0 connect 01. Whew! Congratulations! You're now the proud owner of an Asterisk-based Voice Over Wi-Fi PBX, and you're getting darn close to being a Linux guru. Enjoy!
Free U.S. Calls. Everybody loves free samples so here's one for you. You may remember Gene Willingham and the good folks at TelaSIP, the winner and least expensive provider in our unlimited U.S. long distance calling shootout. In a moment of weakness, TelaSIP's agreed to let you try out some free U.S. phone calls on their nickel. The service uses our Asterisk server and TelaSIP's long distance bandwidth. Calls are limited to 10 minutes after which the callee will hear "Goodbye" followed by a click. You'll get two beeps followed by a fast busy. In other words, time's up! Here's how to use this free service. Call from a phone in the U.S. with CallerID. Call the number shown on the map (inset) which is one of our DIDs in Charleston, South Carolina. The call will never be answered so you won't be billed for the long distance call. Within 10 seconds, you should hear a fast busy. Hang up, and our Asterisk server will call you back within 30 seconds assuming you have caller ID enabled. You won't believe how many calls we receive each day from folks with caller ID disabled. HINT: No return call = No caller ID. If you do get a call back, listen carefully when you answer! You'll be provided a random password for your call, and then you'll be prompted to key it in. With your phone keypad, do that and press the pound key (#). If you get a message that it's incorrect, try again (HINT: We told you to listen carefully). Once you successfully enter the password, you'll then get a DISA dial tone. Dial 1 and then the area code and phone number of someone you love (in the United States only). This is an excellent way for you to check out the voice quality of TelaSIP calls without spending a dime. Just don't abuse the offer or this paragraph may magically disappear ... as will the free calls. For those that don't know us, we don't record your calls, and we don't store the number of the person you're calling although the Asterisk logs probably have it for a while anyway. For security purposes, we do log your CallerID and the time of your call just in case you do something you shouldn't be doing and the FBI traces the call back to us. If any of the above offends you, exercise your constitutional right to not use this free service. Believe it or not, someone wrote and asked why they couldn't use this service without CallerID enabled on their phone. Think about it! And you won't believe how many calls we receive each day with a CallerID of Asterisk. That won't work either.
Nerd Vittles Allison Fund. As we mentioned last week, our next major project is an Appointment Reminder System. Using a touchtone phone, you can schedule an unlimited number of customized voice reminders for delivery at any future time to any phone numbers you desire. To make it work, we need customized voice prompts for the IVR interface. Unfortunately, these cost money. Allison, who records the Asterisk voice prompts for Digium, needs to eat. And so do we. We're springing for the costs of the prompts up front, but this is your golden opportunity to contribute to the cause. Provided we raise enough money to cover the costs, we'll put the voice prompts in the public domain. Otherwise, when the project is presented, those that didn't contribute will have to record their own voice prompts in order to use the system. The generous will get the Allison prompts either on a password-protected web site or by email.
Last week's donations were a little disappointing. We raised a whopping $15 which means less than half of our regular readers have donated to the cause. And, until yesterday, there wasn't a single donor from the U.S. Thanks, Hollywood, for breaking the curse. Unless there's a surge of enthusiasm and generosity this week, better get those baritone voices tuned up. But, it's not too late to show your true colors! Go for broke and make a $5 non-tax-deductible contribution via PayPal using any major credit card. You'll sleep better! Just click on this link. And, you have our absolute commitment. If we hit a million bucks, we'll never pass the hat again. Of course, we might stop writing these silly articles, too. But, based upon last week's numbers, it doesn't look like there's much risk of a financial windfall here. We're just trying to recoup the costs of the voice prompts.
Coming Attractions. We have a number of projects underway to keep us busy for the next few weeks and months, but we always love to hear from you. If there is a particular Asterisk project you'd like us to cover down the road, leave a comment. We read every one of them. On our short list at the moment are a HOW-TO on connecting two Asterisk servers together and all the great things you can do once you've done that such as building a failover Asterisk system, HOW-TO connect remote IP and IAX phones to your Asterisk system (both wired and WiFi), instant messaging, key system emulation with Asterisk@Home 2.2, DUNDI, HOW-TO let Asterisk read your emails to you over the phone, the new Appointment Reminder System mentioned above, plus a few surprises. Don't expect all of this overnight, but we'll get there. With most of this stuff, we usually write about it as we build it. So you're reading these articles while riding in the front seat most of the time. Come back and visit often and tell your friends about us.
Some Recent Nerd Vittles Articles of Interest...
Microsoft deserves a lot of credit for popularizing the idea of Web Folders, but the open source movement gets the accolades for making WebDAV work reliably across all the computing platforms. If you didn't already know, WebDAV stands for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that "looks and feels" like any other networked hard disk. In the Windows world, WebDAV provides a Web Folder which can be used like any other mapped drive in Network Neighborhood. If you're still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people don't change the same file at the same time. Panther and Tiger versions of Mac OS X provide both a WebDAV client and server, and today we'll walk you through configuring and using both the client and the server on your Mac. Because of the number of folks that also use Windows machines at the office, we'll also briefly touch upon how to access your Mac WebDAV resources and set up a Web Folder from a Windows XP machine.
HOW-TO Use the WebDAV Client on the Mac. We're going to start by walking through the set up process for connecting to a WebDAV server resource anywhere on the Internet. To connect to a WebDAV resource from a Mac, press Command-K from Finder. Then enter a Server Address in the following format: http://192.168.0.103/dav/. This tells Finder to use the HTTP protocol to establish a link to an IP address and folder that you designate. You also can use a fully-qualified domain name in lieu of an IP address. Typically, you'll be prompted for a username and password, and then a new volume will appear on your Desktop which can be used just like your local hard disk. When you finish using the resource, CTRL-Click on the volume and Eject it. It's that simple.
HOW-TO Use Web Folders on a Windows PC. The Windows process is a bit different as you might expect, but the results are the same. Once connected, you'll have a mapped drive that can be used just like any other network drive. The simplest way is to map a drive (see inset). To access Web Folders and save your settings, we're going to use the Add Network Place Wizard. You can access it in several ways. Either Right-Click on Network Neighborhood and choose Map Drive. Or from My Network Places, choose Add a network place. Or from Windows Explorer, choose Tools->Map Network Drive. Now click "Sign up for online storage or connect to a network server" at the bottom of the window.
When the Add Network Place Wizard appears, you'll be prompted for where to create the network place. Select "Choose another network location" and click Next. For the Internet address, use the same syntax as on the Mac: http://192.168.0.103/dav/ and click Next. Give your network place a name and click Next then Finish. Your new Web Folder will now appear in My Network Places. Just click on it to connect. Here's the gotcha with WebDAV on the Windows platform. If you access a Web Folder by IP address, when you're prompted for a username and password to log in, the username must be in email format: firstname.lastname@example.org. Another "Better Idea" from our friends at Micro$oft. So when you create usernames on your Mac, keep this in mind if you want Windows users to be able to access the resources reliably. It doesn't matter what the email username or domain is, but it has to be in email format. When you finish using a web folder, be sure to disconnect. Open Windows Explorer, choose Tools->Disconnect Network Drive, and select the Web Folder you wish to disconnect.
Connecting to a WebDAV Resource. We've temporarily set up a sample WebDAV server on one of our Tiger-enhanced Macs so that you can experiment with WebDAV access from your favorite Mac, Linux, or Windows machine. For reasons which should be obvious, we've disabled writing to our WebDAV server only because we didn't want our hard disk filled up by some anonymous bozo in the middle of the night. We're also going to provide a single username and password for everyone to use. It should be stressed that neither of these scenarios is typical. First, the usual purpose of a WebDAV server is to facilitate collaboration which means all authorized users should be able to read and write to the volume. Second, you usually don't provide access to a WebDAV server for anonymous users. That's what web sites are for. But this is Wiki World, and we wanted to show you how these things are put together before you roll your own. So bear with the constraints recognizing that, when you set up your own WebDAV server, it will be much more robust.
To access the system, follow one of the client access methods outlined above. The web address using Windows is http://webify.us. For Macs, use http://dav.webify.us:82. When prompted for a username and password, use bozo for the username and forlife as the password. If you have problems with the username on a Windows PC, use email@example.com. Don't forget to disconnect when you are finished playing. NOTE: This system (only) will be down for a move to its new permanent location from Thursday afternoon, May 26 until Saturday morning, May 28. Our apologies.
That about covers using a WebDAV client. For step-by-step instructions on creating your own WebDAV server on your Mac, here's a reprint of the article from our former Tiger Vittles site.
ISP-In-A-Box: Building a WebDAV Server for Remote Access
Ever wished you had several gigs of off-site disk storage so you could safely back up all your most important data and use it for remote access or collaboration. One option, of course, is a .Mac account which gives you 125MB of iDisk storage space and other goodies for $99 a year. You can increase your iDisk to a gigabyte for an additional $49.95 a year, a bargain compared to some commercial sites. Here’s another approach that’ll save you hundreds of dollars a year. Find a friend with a Mac and an Internet connection and swap several gigs of storage space on your friend’s Mac for several gigs of storage space on yours. Then follow along here, and we’ll show both of you how to build and use WebDAV servers to do exactly what the commercial firms are doing. And you can use the Apache software that’s already installed with Mac OS X Tiger.
As you now know, WebDAV stands for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that “looks and feels” like any other networked hard disk. In the Windows world, WebDAV is called Web Folders. They can be used like any other mapped drive in Network Neighborhood. If you’re still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people don’t change the same file at the same time. Panther and Tiger versions of Mac OS X provide both a WebDAV client and server. Nerd Vittles walked you through configuring and using the WebDAV clients. So let’s tackle the WebDAV server setup now. This works with Tiger or Panther by the way.
In a nutshell, the WebDAV server setup goes like this. We’ll create a new subdirectory in the web server’s storage folder which we’ll use for WebDAV read and write access. Then we’ll set up a username and password system to support WebDAV access. Next we’ll activate the WebDAV mods in Apache which already are installed on your Mac. We’ll then reconfigure Apache a bit to support WebDAV formatting. And finally we’ll restart our web server and presto, WebDAV. You don’t need to be a Rocket Scientist to do this, but you do have to get your hands dirty with a command-line editor, Pico. If you’ve followed other Nerd Vittles tutorials, then this one will be a breeze. Just be sure you edit carefully and, if something does go wrong, copy your backup Apache config file back over the edited one and try again. Apache errors don’t get reported in System Preferences->Sharing when you activate your personal web server. If you have problems and want to see what’s going on, activate and then run WebMin (which we previously covered at Nerd Vittles and upgraded here last week for Tiger). Using your browser, access WebMin and choose Servers->Apache Webserver. Then start and stop the web server from there. Errors will be reported with the line number in the config file that’s causing the problem. Ctrl-C in Pico will tell you what line number you’re on in the config file. If this sounds like I’ve had recent experience, you’d be correct. But you won’t have to pull your hair out. I’ve already done that with mine.
Creating a WebDAV Folder. Open a Terminal window, and switch to root access: sudo su. Then navigate to the root of your web server folders: cd /Library/WebServer/Documents. Create a new WebDAV folder: mkdir dav. Change the permissions of the folder’s group to match the Apache group: chgrp -R www dav. If you want to provide write access to users who connect to your WebDAV folder, then change the permissions to allow it: chmod 775 dav.
Building a Password File. We already built a password file in the Web Sites 101 tutorial on Nerd Vittles. We used that password file to manage web site access to various web directories. You probably don’t want to use the same password file for WebDAV unless you are building this just for yourself. The only trick to password files is you want to put the file where Apache can read it but your web visitors cannot. And you want to be careful not to insert blank lines in the file with just a colon. That basically lets everyone in. The format for the file is username:password, each on a separate line. And the passwords are encrypted. Here’s how to do it.
Open a Terminal window and switch to root access: sudo su. Now move to the directory where we’ll put the password file: cd /usr/local. We’re going to name this password file dav.pw so we can remember what it’s for. To create the file and erase any existing file without warning type: htpasswd -c dav.pw admin. Think up a password you can remember, and you’ll be prompted to type it twice. Now let’s verify that the file was created: cat dav.pw. You should see the word admin, then a colon, and then your encrypted password. To add additional users to the file, just type: htpasswd -m dav.pw username where username is your next user. You’ll be prompted for the password. Remember, if you accidentally use the htpasswd -c syntax a second time, you will overwrite your existing file and all of its entries. So be careful. Finally, remember to make duplicate entries using full email syntax for the username to assure that Windows users can access your DAV resources: htpasswd -m dav.pw firstname.lastname@example.org.
Reconfiguring Apache to Support WebDAV. Open a Terminal window, and switch to root access: sudo su. Then navigate to the folder with Apache’s configuration file: cd /etc/httpd. First, let’s make a backup copy of the config file in case something goes wrong: cp httpd.conf httpd.conf.dav.save. Now let’s carefully edit the config file: pico httpd.conf. Uncomment the headers_module line by searching for headers (Ctrl-W, headers, enter) and then pressing Ctrl-D while positioned over the # sign at the beginning of the line. Now search for mod_headers (Ctrl-W, mod_headers, enter) and uncomment that line (Ctrl-D while positioned over beginning # sign). Now search for dav_module (Ctrl-W, dav_module, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now search for mod_dav (Ctrl-W, mod_dav, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now press Ctrl-V repeatedly until you get to the bottom of the file. Switch to your web browser and download this WebDav snippet. When the code snippet displays in your web browser, press Command-A then Command-C to copy all of the code to your clipboard. Then switch back to Pico, click at the bottom of the config file, and paste the code snippet into the config file by pressing Command-V. Use the down arrow to move to the BrowserMatch section of the code we just pasted and be sure “redirect-carefully” didn’t end up on a line by itself. If it did, position the cursor over the first letter “r” and press the backspace key to move it back up to the end of the previous line of code. Don’t worry if a dollar sign displays at the end of the line after you move it. This just indicates that additional text is off the screen… the price we pay for using a free editor. Now we should be all set. Save the config file: Ctrl-X, Y, enter. And restart Apache by deselecting and then reselecting Personal Web Sharing from System Preferences->Sharing. Close the Terminal window by typing exit, pressing enter, and then pressing Command-Q.
Testing Your WebDAV Server. To test whether WebDAV is working, switch to your Desktop and, using Finder, press Command-K. When prompted for the server address, type http://localhost/dav and then click the Connect button. Enter your username and password that you created in the dav.pw password file, and a blank dav folder should appear on your Desktop. Drag a file from your Desktop to the folder to be sure everything is working as it should. If you’ve enabled web access through your Mac and router firewalls (which we have previously covered here), then you should be able to access your WebDAV folder from the Internet with your IP address or domain name using the syntax: http://mydomain.com/dav. Enjoy your new WebDAV server. Now all you need is a friend to share it with.
It’s been a week since Tiger was released, and we finally got our copy even though it was several days late. Apple more than compensated for the delay by offering up a free copy of iWork or iLife. Class act, that Apple. Our project for today is to upgrade your Mac mini to Tiger. Then we’ll send you over to Tiger Vittles to upgrade the Top 10 ISP-In-A-Box projects that we built earlier this year so that they all work again. Sounds like a whole weekend project, doesn’t it? Think again. Believe it or not, it took a little more than an hour to upgrade Panther to Tiger and about one more hour to get all ten of the following applications working. If you’re from the Windows World or have any familiarity with any server platform other than Macs, you know just how incredible that is. If not, just count your blessings, twice. Tiger is a must-have upgrade. And, if you happen to have two to five Macs in your household, it’s just about the best deal on the planet. Imagine Exxon selling you gasoline for 50¢ a gallon just because you own five automobiles.
Prerequisites. For purposes of this article, we’re assuming your Mac mini came with Panther preinstalled or that you’re upgrading another Mac that already has Panther installed. You also should have installed whichever applications above that you want to use while still running Panther. Stated another way, this tutorial won’t necessarily help you if you install Tiger and then attempt to install some of the applications above. We haven’t tested new installs on Tiger yet. So, if there are some applications you want that you haven’t installed, click on the appropriate links above, and do the installs before upgrading to Tiger. You also should make certain that any of the applications you need already work under Panther. Don’t upgrade to Tiger until they do. Finally, you’ll need $9.95 if you want to enable any or all of the email servers using PostFix Enabler for Tiger. Hint: You only really need the SMTP mail server if you’re planning to use the Email Reminders or the WordPress blog.
Upgrading from Panther to Tiger. The first thing you need to do before you begin the upgrade is to read HOW-TO: Prep Your Mac for a Tiger Upgrade on our Tiger Vittles site. Then you need to review the software compatibility lists on our Tiger Vittles site: Tiger-Ready Applications: The Good, The Bad, and The Ugly. If there is some application you absolutely have to have and it’s on our Bad or Ugly lists, then you probably will want to hold off on upgrading for a while. If you need VPN software to connect to your office, that’s probably a deal-breaker. Virtually all of the VPN clients are broken with Tiger at the moment.
In a nutshell, the upgrade process we used went like this. We obviously can’t guarantee that it will work for you because we don’t know what is on your system or what condition your system is in. So proceed at your own risk and call Apple if you run into problems. They get money for this. We don’t.
Go have a snack while your Mac is indexing. Then meet us over at Tiger Vittles today to upgrade the first ten ISP-In-A-Box server applications to work with Tiger. And, while you’re there, check out how your other favorite applications are doing with Tiger.
Nerd Reminder: Don’t forget to call your mama this weekend. Flowers would be a nice touch.
In the beginning, there was Napster. And then there wasn’t. Then, from our friends at AOL, sprang Gnutella. And Gnutella begot Limewire. Now you can download BitTorrent for free from Apple, and Napster’s once again offering unlimited song downloads … as long as your $15 check clears each month for as long as you both shall live. What’s wrong with this picture? Well, that’s for the Supreme Court to know, and you to find out. In the meantime, while the Supreme Court is deciding the future of peer-to-peer (P2P) networks in the United States, it seemed like a good time to once again propose a fresh approach to the music sharing problem and to briefly review some of the P2P software options which are available at least today on the Mac platform.
It’s the M-Chip, Stupid! We won’t wade into the legal thicket of how you should use P2P tools other than to note, as we have in the past, that Congress has really dropped the copyright ball by refusing to consider creative solutions to the music and movie downloading problems and instead opting to rubber-stamp legislation reportedly drafted by the folks they should be regulating. It would be so easy to add $100 to the price of every music or video player and make all of this litigation go away. Before you say $100 is too cheap, just consider how many music and video players you have in your home and cars and how long they typically last before you buy new ones. The tally for our family is close to 20 devices, but don’t tell your burglar friends! Think of my proposal as a reverse V-Chip for music. Let’s call it the M-Chip. Instead of locking you out of content as the V-Chip does, the M-Chip would let you in. Pay your $100 and the M-Chip would enable your music player to play any music (encrypted or not) that you can get your hands on … legally! M-Chip proceeds would go to the record companies and musicians. And, down the road when every music player had an M-Chip, why would we need encryption any longer other than to make the music moguls sleep better? The only drawback I see to this approach is the poor lawyers. What would all of them do if the ‘music problem’ just went away?
If you want to read more, here’s a link to our previous discussion of this topic. And the Electronic Frontier Foundation has a great site that explains everything which is at stake in the pending Supreme Court case. We’ll assume that the Supreme Court will do the right thing and allow P2P networking technology to coexist with the recording industry and the movie studios. But who knows? Perhaps the next big public works project can be building enough jails to house the million plus Limewire users who are on line most of every day and night. Or, we could borrow a page from the Chairman of the Senate Judiciary Committee, Senator Orrin Hatch. He believes we should blow up the computers of people who download music illegally. Isn’t it nice to finally see one of our elected representatives thinking creatively? We’d like to believe he was just frustrated by the difficulty of the copyright problem. Otherwise, just think what he might do to you for stealing something that costs more than 99¢. Death row, here we come. Three songs, and you’re out … for good.
The real problem with all the legal mess, and it is most assuredly a mess which is only getting worse, is the adverse effect it is having on an entire generation of Americans who see nothing really wrong with committing felonies before breakfast each morning… assuming they’re up at that time of the day. And, of course, there’s the chilling effect it is having on enhancement and use of an incredibly versatile and creative technology: P2P networking. Killing off technology pioneers to deter music pirates is not unlike biting off one’s nose to spite your face. In short, it’s a great way to irreparably damage the innovative spirit which has made the United States a creative force since the days of Thomas Edison. Write your representatives in Congress and urge them to look at this issue responsibly … as if their children’s futures and respect for the American legal system were at stake. They are. End of sermon.
If P2P networking is your thing, then there is no finer platform for it than the Mac. Why? That’s an easy one. The P2P tools that have been written for the Mac platform don’t include the Spyware and Trojan Horse features which you’ll find in almost all of the offerings for the Windows platform. Just try to delete a P2P application from a Windows machine, and you’ll understand what we’re talking about. The real beauty of P2P technology is that it provides an IP solution for sharing files amongst various types of computers worldwide, something we’ve all become accustomed to using local area networks. In addition to many other companies, IBM has devoted enormous resources to exploration of P2P technology for business use.
Two very different P2P technologies provide excellent results on the Mac platform. The traditional P2P solution is Limewire which includes free (with ads) and Pro versions. A better Limewire solution and the reason some folks have actually switched to the Mac platform is a product called Acquisition. It has perhaps the best user interface ever written for Mac OS X, and at $16.99 for a single-user license, it won’t break the bank either. Installation is a breeze. Download the software from here and drag the Acquisition icon to your Applications folder. Run the Application and choose Preferences to set your default download and upload folders, to turn on iTunes integration, and to specify the number of simultaneous connections you wish to support. Now enter a search term and presto! And, yes, keep in mind that downloading or uploading copyrighted material is against the law … at least in the USA. But, if all you want to do is download music, perhaps it’s time you planned a vacation to Canada with your Mac mini or Powerbook, but you’d better hurry if current news articles are to be believed.
The other great P2P solution for the Mac platform is BitTorrent which is available for free download from Apple’s web site. Go figure. Once you download the software, just drag the application to your Applications folder and start it up. Now use Google to search for BitTorrent content. HINT: The files always end with an extension of .torrent. The same copyright warnings (as above) apply, and Big Brother is probably a BitTorrent user himself. Everything you ever wanted to know about BitTorrent is available in their FAQ or Brian’s FAQ and Guide.
Finally, while we’re on the subject of music downloads, there’s been lots of buzz recently about a Russian web site (allofmp3.com) which offers music downloads for about a penny a minute, slightly cheaper than iTunes. But, is it legal? With our usual disclaimer that we’re not in the business of providing legal advice here, we can point you to some sites that discuss the issue. FadMine seems to think it’s OK. Moscow prosecutors also gave allofmp3.com the green light, at least inside Russia. And then there’s at least one California lawyer that thinks it’s not. But see this piece in the Tech Law Advisor. In the Americanized words of a famous old British insurance handbook from 1846: "You pays your money and you takes your chances." If you haven’t guessed it already, copyright law is a goldmine for lawyers and law professors at the moment because virtually nothing is settled. Another 5-4 decision from the Supreme Court should make things much clearer. Didn’t know you were gonna have to go to law school just to use your computer, did you?
Tiger Preparations. Over at our new Tiger web site, Tiger Vittles, we’re getting ready for the big day, Friday, April 29, when Apple officially releases the next version of Mac OS X. Beginning next week, we’ll walk you through the steps you should take before upgrading an existing Mac to a new operating system. For those coming from the Windows world, don’t have a heart attack. The Mac experience is downright pleasant compared to the Microsoft torture chamber you’re accustomed to. Your homework in preparation for the upgrade is to scrape together $100 and buy a firewire drive big enough to back up your entire Mac. We’ve covered all of this before including recommendations on the best firewire drives for your money. So just click here and follow the steps.