I spent a few weeks, a long time ago, getting the Imagine WiMax Motorola USBw35200 dongle working under Linux using the Sprint 4G Developer software, but it was a nasty hack.

A Hack that stopped working recently. Or at least, when I tried to use it this week it didn’t work.

The basics:
Linux Kernel 3.0.0 has the right kernel module.
You need to build the Spring 4G package to get the firmware out, copy it to /lib/firmware
Imagine uses EAP-TLS
You can get the WiMAX and Imagine server certs from the CD-ROM partition on the dongle (disable usb modeswitch before you insert it)

The problem:
You need a Device Private Key to connect, which is stored in a memory location on the dongle itself. I have no idea how to get it out, or how to point the wimax userspace agents to that memory.

Being a geek, I decided that using a TV to view TV wasn’t really the way to do things.
So instead, I decided to find a way of viewing Saorview on my PC.

So the easy way, is to get a DVB-T receiver for a PC, and tune to the channel you want to view. I’m not going to show you how to do this, because the guys at mpeg4ireland already have.

I’m going to show you how to receive every Saorview channel at the same time.
Although I’m sure you’re not going to be able to watch them all at the same time…

First, you need a DVB-T receiver.

I used a €40 Hauppauge Nova-T USB Stick.

Then you’ll need MumuDVB. You’ll need at least version 1.6.1
I got the latest release from here.
Yes, Ubuntu has a version in their repo’s, but thats version 1.6. It will NOT work. (well, if you only want to receive the radio stations and the test pattern, then 1.6 is for you!)

Plug your DVB-T card/stick in, make sure it gets recognised and you get an entry in /dev/dvb

$ ls /dev/dvb/
adapter0

Install dvb-apps

sudo apt-get install dvb-apps

Grab the wideband tuning file from the mpeg4ireland site and use it to scan for channels.

scan wideband > channels.conf

Make sure there’s something useful in your channels.conf
The start of each line should be a channel name, followed by a frequency.
If there’s something in there, make a note of the frequency that you see.
In my case, since I’m getting signal from Three Rock Dublin, my frequency is 738000000 (or 738Mhz)

If you don’t get anything, you might have some problems. So I suggest doing some research on Saorview using the mpeg4ireland site to see if you have coverage.

Now, unpack MumuDVB and build it.

tar -zxvf mumudvb-beta.tar.gz
cd mumudvb
autoreconf -i -f
./configure
make
sudo make install

Then create a config file (mumu.conf). Make sure you set your frequency correctly to the one you extracted from channels.conf earlier. (Divide the long number by 1000000 to get MHz).

freq=738
autoconfiguration=2
autoconf_radios=1
autoconf_ip_header=239.192
multicast_ttl=5
sap=1
sap_default_group=Saorview
sap_organisation=RTENL

Now start up MumuDVB using this configuration. There will be loads of debug output, just so you can see what its up to.

sudo mumudvb -c mumu.conf -s -t -vv -d

Then install VLC on your PC (or another PC on the same network).
Start it up, and press Ctrl-P to get the Preferences.
In the bottom left, select Show settings All.
In the Tree, select Playlist > Service Discovery.
Enable Network streams (SAP)
Click Save.
Press Ctrl-L and wait 10 seconds.
You should see a folder caller Saorview.
Expand it, and double click the channel you wish to view.

OR

Launch VLC, and open the Network address udp://@239.192.0.0:1234/ (Should be RTE One)
udp://@239.192.0.1:1234/ should be RTE Two.
udp://@239.192.0.2:1234/ should be TV3.
etc…

Voila!
If you poke around in the VLC options, you’ll notice that Teletext works too.
There’s even a Program Guide that has the next 7 days line-up in it. (Tools > Program Guide)
Subtitles work, and on some channels there may even be a second Audio stream.

Now do it on another PC, and view a different channel at the same time. Continue until you get bored.
For fun, check the CPU usage of the mumudvb process.
On my system it only uses around 5% of 1 CPU since its not actually doing very much. Not bad…

The process will be spewing out loads of stats, like Bit error rate, Signal Strength and SNR. Their meaning is self evident.
Every 5 seconds it will also output Traffic information, which is quite interesting since it displays the actual Bandwidth used per channel.

As an exercise for the reader, I’ll leave you to figure out how to get it to start up in the background.
Personally, I run it in a screen session so I can easily open it up again and see the Signal Strength, etc.

Note: RTE Two is broadcast in HD, and viewing it may be a bit CPU intensive.

Recently, she’s decided that anything that squeaks, shouldn’t. So she makes it.

Video after the break

Looks like some smart people at MIT have been studying the aerodynamics of birds and planes, and have designed a Glider that can perch on a wire (like a bird).

Read on to watch a video of it in action.

I could go on with all the complaints that I’ve heard over the last 24 hours, and all the stupid reasoning behind those complaints. But I won’t. I’ll try and be helpfully informative.

So we’ll start with the facts:

• Seacom is one of the Submarine fiber cables that connect South Africa to Europe.
• There are other ways out of South Africa to Europe, that do not rely on Seacom.
• Residential ADSL users are quite far down the list of priorities for most ISP’s.
• Business users on leased lines account for significantly more income than ADSL users.
• You get what you pay for.

Your choice of ISP should take all of these facts into account:

• Does your ISP have multiple international circuits?
• Are these circuits physically diverse (ie: not the same cable).
• Are you actually paying for a service that will make use of the backup circuits in the event of a failure?

Chances are, unless you have a leased line service, and you pay something in the region of R20000 a month for it, you will be affected by the Seacom problems.

It would be incredibly naive of any ISP to expect that a single upstream provider will be up 100% of the time. Seacom do not promise a 100% uptime, so how can you expect that level of service if you rely solely on them?

The solution for the ISPs? Use one of those other forms of international connectivity. Such as the SAT3-SAFE cable. Sure, thats expensive, so only use that for your “premium” customers. Like those guys paying R20000+ a month for their leased lines. They’ll get what they pay for.

And that there, is the difference between the R900 you pay a month for 4mbit ADSL, and R20000 per month for 4mbit leased line.

You get what you pay for.

So, this one will be short and simple, as there are a thousand different ways to do an OpenVPN Server on linux, but this way will make it work the same way its configured in my mini-guide.

Start be installing OpenVPN on your Linux machine.
In Ubuntu or Debian, this is as easy as

sudo apt-get install openvpn

Lets get the Certificates in the keys directory, if you haven’t already done it as part of the certificate generation mini-guide.

sudo mkdir /etc/openvpn/keys

Put your server .key and .crt in here, as well as your ca.crt

You will also want to copy the dh1024.pem from your certificate store.

Then, create a configuration file (we’ll call it server.conf), in /etc/openvpn/

sudo vi /etc/openvpn/server.conf

And stick the following in it:

port 1194
proto tcp
dev tun
server 10.1.0.1 255.255.255.0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/ovpn-server.crt
key /etc/openvpn/keys/ovpn-server.key
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/server-status.log
verb 3

Save it, and restart openvpn

/etc/init.d/openvpn restart

And that should do it.

If you want to NAT all traffic out towards the Internet, giving the VPN users internet access, add a masquerade rule. Assuming eth1 is your internet facing network interface.

sudo iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE

Simple as that!

In this mini-guide, I’ll show how to configure a Mikrotik RouterOS router as an OpenVPN Client, and connect it to the server.

First, you’ll need to copy a client certificate to your client router. You can use this guide to help you generate one if you haven’t already done so. Then import them into RouterOS, as per the instructions.

Then you need to create a PPP Profile.

/ppp profile
add change-tcp-mss=default comment="" name=openvpn-out only-one=default \
use-compression=default use-encryption=default use-vj-compression=default

Next, you need to add the ovpn-client interface. Make sure that the certificate is the one that you imported, and that the username and password match what you configured on your server.

/interface ovpn-client
add add-default-route=no auth=sha1 certificate=client1 cipher=aes128 \
comment="" connect-to= disabled=no mode=ip name=OVPN-Client \
user=client 1 password=password1 port=1194 profile=openvpn-out

And thats it! Pretty simple really…
If you want all your internet traffic to go over the VPN, change the add-default-route=no to yes, and it will add the default route down the VPN every time it connects.

A little nerve wrecking, since it was live and I hadn’t really prepared very much. So much more that I should have said.

I spoke about Jawug, and Wug.za.net and the growing popularity of the Wireless User Groups.

Show recording is embedded after the jump…