Building the better Barracuda!

Recently I been experiencing some frustration with network appliances.

1. They're expensive

2. Any of the worth while units need some form of expensive subscription (think UTM's / Spam filters)

3. I can't change them in any meaningful way.

So, I finally broke down and started building my own.  My first appliance was a new Router / UTM.  I wanted to stop as many issues at the UTM as possible so, here's what my requirements were:

1. Gateway Anti-virus

2. IDS/IPS

3. Gateway Anti-Spam

4. Logging/Content filtering Proxy

5. Updatable RBL's w/ custom Blacklist support

6. NAT and Port Forwarding

**I just added this next one**

7. GeoIP blocking

8. An easy to use interface

Endian Community Edition does everything on the list except the GeoIP blocking.  So, that is a great distro if you need something quick and dirty that has an easy install, great interface, and is rock solid!  I needed the GeoIP blocking and like the title says - I was re-purposing an old Barracuda Spam filter.  The barracuda unit has a specialized board that controls the front panel Ethernet ports!  The second you remove their O/S - the ports quit working!  A little Internet research yielded that the front board is actually controlled by the parallel port.  This isn't a big deal with any linux distro except Endian as it is a cut version of CentOS 5 and doesn't have any compiling tools or packages for parallel port control.  

** Correction: It may be possible to compile lptout on a CentOS 5 machine and copy it to the Endian unit!

I ended up finally settling on NethServer and CentOS 6.8.  I tried 7 but the HC isn't there and the network cards don't work.  Additionally NethServer 7 doesn't have all the packages I needed (just like pFsense **sigh**) so, that was a bust.  I ended up with CentOS 6.8 / NethServer 6.7 and it's running like a champ!  Here's the process for a Barracuda 300/400 series:

1. Rip open the Barracuda and see which motherboard it has.

2. Go to MSI's website and grab the BIOS update for the motherboard

3. Create a DOS / bootable USB stick and put the BIOS upgrade software on it.

4. Grab yourself a copy of their BIOS passwords from here

5. Go into the BIOS and fix the boot options so that you can update the BIOS with the generic version you downloaded.

6. Create a CentOS USB Stick and use it to install the OS on your "new" UTM

7. You'll need to use the onboard NIC or if it doesn't have one just pop open the cover and unplug one of the NICs from the control board and plug in the Ethernet cable directly.  Then follow these CentOS network setup instructions for your LAN connection.

** Note: I also purchased a Quad Server PCI-e x8 card and a PCI-e 8x Extension cable from ebay.  These units have a slot in the back and it works like a champ!  Just verify yours is new enough - otherwise you'll have to drop back to PCI if you need more ports.

** Only follow steps 8 - 9 If you have a unit with non-working front Ethernet ports and the funny control board.  If you don't then skip ahead to Step 10. **

8. Follow these instructions to get the lptout program

9. After you have lptout compiled and tested (chmod +x lptout | lptout 0x3f should turn the ports on), do the following:

mkdir /scripts

cp lptout /scripts

chmod +x /scripts/lptout

echo /scripts/lptout 37f >>/etc/rc.d/rc.local

echo service network restart >>/etc/rc.d/rc.local

** Note: you may need to re-add the lptout and network restart after you install NethServer

10. Follow these NethServer Install Instructions

** Note: Skip down to the Install on Centos Section - Also, Substitute /nethserver-release-6.7.rpm instead of just nethserver-release-6.rpm

11. Install all the packages you need

12. Follow these instructions for adding the GeoIP stuff

Note: Scroll down through the comments section and follow the steps for fixing the Kernel module.  Also, You'll need to add the extended config file in the /etc/e-smith/templates/etc/shorewall/rules - not the folder specified in the instructions.  You can use expanded config files for almost everything in NethServer - I added a couple of squid rules too!

13. Optional - Kill IPv6 via these instructions.  I had to do this to keep my connections working consistently.

 

That should get you a perfectly working UTM that'll smoke most commercial units!  Good luck and as always - Google is your bff for this stuff.

--PD

FireTV Updates Murdered my Kodi!!! Latest FireTV fixes and Processes!

My FireTV just installed the latest 5.0 update which murders llama and as a result my Kodi link from IkonoTV.  If you have the same issue you're going to need to install a nifty APP called FireStarter.  Here is a great post on how to get it w/o using ADB or anything other than you FireTV and remote:

http://www.htpcbeginner.com/install-firestarter-on-fire-tv-without-adb-and-computer/

If I helped you setup your unit or you used my walk-through; you can skip adding fusion with the file manager as you already have it.

What this does is install a launcher replacement.  After the install I went into the settings and set my home button single click to FireStarter and my FireTV menu to a double click.  I could've just left it only load FireStarter with the single click as it has a link for the FireTV's menu but, I liked the ability to swap around quickly.

Also here's the link to install Exodus for those that missed it:

https://www.tvaddons.ag/exodus/

It's really easy and all you have to do is go to settings and appearance to change out the Genesis add-on shortcut.

Also if you're starting out from scratch you can follow these guides in order to get yourself up and running:

1. Kodi Install W/O a PC!
2. Customize and install the unofficial add-ons
3. Install Exodus (if it didn't get added)
4. Install FireStarter & Customize

Also for the advanced users here's a link for Kodi Customizations that'll help buffering, speed, etc.!

Special thanks to everyone at TvAddons.ag and htpcbeginner.com as they have been invaluable to everyone on this journey!

So there!!!

For all of you who've pointed out that I hadn't posted in a while: HERE! I finally finished up the stuff that's been sitting in drafts for months and posted it.  It's some pretty great stuff so that should tide you over until next time!

Of Apple TV Generation 1's and Men...

I just recently picked up a used Apple TV Generation 1 off of eBay for $56.  It was a great deal and it's a pretty cool media player.  I already have (2) Amazon Fire TV's running Kodi ATM, so I wanted another challenge.  I'm using OSMC.  It's a complete O/S with Kodi loaded and it is a great way to re-energize that old Apple TV 1!

You can download the software here: https://osmc.tv/download/

You just download their installer and pick your device.  Then it sets up a custom flash drive.  There really isn't anything to it.  They have an excellent FAQ that should answer any question you may have.  After installation you'll want to install Fusion and run the Config Wizard.  Here is a link to their site and instructions:

Install Fusion
Config Wizard
SSH into the OSMC command line
Setting the ATV1 to use Component Outputs

Note: You'll need to do the initial setup via HDMI and then you can get the IP etc. to SSH into and make your changes to Xorg.

I was originally going to do a full write-up on this but, their website and software cover everything so well that I couldn't really see any reason to do so.  I've been asked why I bothered with the ATV1.  It's a very simple answer: It has Component Outputs!  If you have an older HDTV w/o HDMI ports or too many HDMI devices then this is a great / the only option.  Plus, for as old as this unit is - it still runs really well (if a little hot)!

Free Cell Service!!!!

Note: This Service is 100% Sprint based!  If you don't have Sprint cell service in your area then this won't work for you!  Check out the Sprint coverage map to check for service in your area.

Note: Technically this isn't 100% free.  There are some upfront costs - about $30 (SIM & Initial service load).  The ongoing costs are $0 as long as you stick to you plan limitations.  I've had this service since the beginning of December and I still have my initial plan payment in my payment reserve.

Requirements:

(1) Sprint SIM Compatible Phone

Here is their compatibility list.

For my experiment I used an unlocked (Sprint based ironically enough) iPhone 5s.  This is the minimum iPhone that they will activate.

(1) RingPlus SIM card

They'll let you attempt to activate a regular Sprint SIM but the web activation process will fail.  Save yourself a headache and spend the 9.99 they charge for a SIM.

(1) Credit / Debit card

(1) Social Networking Account

If you're worried about attaching your Facebook or Twitter account; go grab a google plus account and let them have that - or vice-versa.

What we're doing here is activating on of the *free* plans offered by RingPlus.  The plans all have limits (minutes/data/SMS) and you only get charged if you go over the limits.  If you stay within the boundaries you only pay the initial load fee!  If you exceed your limits they withdraw the overage fee (pretty modest fees actually) from your pool which will automatically top off when it reaches the minimum required by the plan.  

To get rolling just head over to https://www.ringplus.net, sign up, & purchase a SIM.  After your new SIM card arrives: insert it into the phone, head back to the website, login, and run through the activation wizard.  This will allow you to pick your plan, pay, & activate your phone.  There is one more caveat: Each time you make a call you listen to music or a short commercial as it's ringing the destination party.  I didn't think it was too terrible to deal with especially since i'm getting free service.

Note: I noticed that there isn't any way to deny the ability to go over the limits.  This is a definite consideration - esp. if you're going to hookup a kid or teenager.

FireTV revisited

I've been asked about this a lot lately so, I thought I'd do a quick write-up.  The Amazon FireTV is one of/if not the best streaming devices for the money.  It has incredible specs, a great interface, & is pretty incredible overall.  Without further ado, here's the process for side-loading Kodi and its add-ons.

**Update: This method is for older FireTV units!  There is a much easier method using EXFileExplorer!  I'll tack it on to the end.

Step 1: Head over to ustvnow.com and get a free account.  We'll need this later.
Step 2: Connect up you FireTV and go through the initial setup.
Step 3: Download ADBFire 1.x (not 2.x) from here, extract it, and start it.
Note: If you have issues with llama later on you'll need to grab 2.x and skip the llama section; instead you'll use fire starter.
Step 4: Download the llama APK and Kodi APK for ARM.
Step 5: In the FireTV's system menu go to developer options and turn on both (ADB & enable unsigned applications)
Step 6: Head back to About, then Network and note the IP Address.
Step 7: Go back to ADBFire and create a new connection using the IP noted and give it a name, then save it.
Step 8: It should connect automatically, if not hit connect.  You'll see it's connected in the status.
Step 9: Next, click install APK, install llama and then Kodi.
Step 10: On the FireTV, search for and install Ikono.  It's a pink icon.
Step 11: In the ADBFire window click llama options.  Then check the change icon option.  Also, check the replace Ikono with Media Center.  Click ok.
Step 12: In the FireTV menu go to applications, then manage applications and choose llama.
Step 13: Acknowledge the messages and go to the left.  Then go down to the lower right icon.  Choose import/export, next choose from USB.  Llama will exit automatically.  Hit the home key.  You'll notice that the Ikono icon is now Kodi.  Go ahead and start it.
Step 13: Go all the way to the right and under System choose File Manager.  In the right pane choose add source.  In the top block enter http://fusion.tvaddons.ag.  In the bottom block enter Fusion and choose ok.  Back out and choose Settings.
Step 14: Choose Add-ons and then install from zip file.  Next, go to fusion then, start-here.  Install all 3 of these.  Back out to the main menu.
Step 15: Go to programs, then Program Add-ons, and finally Configure Wizard.  Choose Amazon fire from the menu and install.  After it completes you'll have a ton of add-ons and a new look!

Note: If you don't get the exodus addon: follow this guide: http://koditips.com/exodus-kodi-add-on-from-lambda-exodus-kodi-install-guide/

Step 16: head over to http://www.trakt.tv and get yourself an account and add a few shows.  This sit is what most modern streaming addons use for favorites/playlists.  Each addon's settings option will give you instructions on how to activate trakt for it.

** EsfileExplorer Method: https://spartanpixel.net/video/how-to-install-kodi-in-fire-tv-and-fire-stick-the-easiest-method-ever-no-computer-needed/