Internet Connection Sharing using Ubuntu 10.04 LTS as NAT Gateway

The following how to contains procedures to configure an Ubuntu 10.04 LTS machine to be used as a NAT (Network Address Translation) gateway for sharing internet connection.

Part A. Configuring IP v4 forwarding option

A.1. Edit the sysctl.conf file by issuing command: nano /etc/sysctl.conf  and un-commented (remove hash mark) from the following line # net.ipv4.ip_forward=1
A.2. Open the rc.local file by issuing command: nano /etc/rc.local, next, add the following lines before exit 0 line

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

(to be continued)

Install Project Fedena version 2.2 on Win32

Step 1: Install Ruby
Download and install One-Click Ruby Installer for Windows.
http://rubyforge.org/frs/download.php/72085/rubyinstaller-1.8.7-p302.exe

Step 2: Install Rails
Now we can use the RubyGems package manager to download and install Rails 2.3.5(Note: Version should be 2.3.5),
Open a command window and run the command gem install rails -v=2.3.5 –remote

Step 3: Install MySQL
1. Download and install the “essential” version of the MySQL installer v5.0
http://downloads.mysql.com/archives/mysql-5.0/mysql-essential-5.0.90-win32.msi
2. Copy libmysql.dll from MySQL bin directory (usually C:\Program Files\MySQL\MySQL Server 5.0\bin) to Ruby bin directory (usually C:\Ruby\bin)

Step 4: Setup Fedena
4.1. Download Fedena source code from GitHub. Extract the ZIP/TAR archive and save to a folder (say C:\Fedena22).
4.2. Now goto the fedena source directory in command line/prompt.
4.3. Run the command gem install mysql
4.4. Run command gem install declarative_authorization -v 0.5.1
4.5. Run command gem install searchlogic -v 2.4.27
4.6. Run command gem install i18n -v 0.4.2
4.7. Run command gem list (check for i18n version, if there is version 0.6.0, uninstall it, using command gem uninstall i18n )
4.8. Update the MySQL database details in config/database.yml (under “development:”)
4.9. Run the command rake db:create This will create the required databases.
4.10. Run command gem install win32-open3 to install win32-open gem.
4.11. Run the command rake db:migrate This will populate the database with required tables.
4.12. Finally, run the command ruby script/server This would start the server and it will be accessible at http://localhost:3000
4.13. If you want to run Fedena in production mode, run the command ruby script/server -e production For this, Production database details should be given in config/database.yml

Step 5: Install RMagick for Fedena
(This installation is needed to solve error when uploading student profile picture)

http://files.rubyforge.vm.bytemark.co.uk/rmagick/RMagick-2.12.0-ImageMagick-6.5.6-8-Q8.zip

5.1. Unzip ImageMagick-6.5.6-8-Q8.zip
5.2. Go to the unzip result folder and run ImageMagick-6.5.6-8-Q8-windows-dll.exe to install it.
5.3. Unzip RMagick-2.12.0.tar.gz
5.4. Copy the result, Rmagick-2.12.0 folder to C:\
5.5. Copy rmagick-2.12.0-x86-mswin32.gem to C:\RMagick-2.12.0
5.6. Navigate into folder C:\RMagick-2.12.0 using Windows Command Prompt
5.7. Run the command gem install rmagick --local

Step 6: Install wkhtmltopdf

This is to solve PDF creation problem ( error message: Create PDF Error: Bad wkhtmltopdf’s path )

6.1. Download the installer from http://wkhtmltopdf.googlecode.com/files/wkhtmltopdf-0.9.9-installer.exe

6.2. Install to folder c:\wkhtmltopdf

6.3. Edit c:\Fedena22\config\initializers\wicked_pdf.rb as follows:

#:wkhtmltopdf => '/home/foradian/sooraj/wkhtmltopdf-i386',
:wkhtmltopdf => 'c:\wkhtmltopdf\wkhtmltopdf.exe',

References:
http://latunyj.no-ip.org/2011/07/fedena-project-for-win32-platform/
http://projectfedena.org/install

Personal Caching Domain Name Server with BIND9 on Windows Vista

BIND9 is a popular domain server application in *nix platform. It serves an important roles in providing an open source DNS application for the Internet and local area network (LAN).
This publication explains how to install a Win32 BIND9 version that can be used as a personal caching DNS server in Windows Vista.

Step 1: Download BIND9 binary application for Win32 from Internet Consortium System website.

Step 2: Unzip the downloaded file to a folder (i.e., c:\bind9) and run the installer file named “BINDInstall.exe”. This will install Bind9 to the destination folder at \Windows\System32\dns\bin\.

BIND9 Installer window

Step 3: During the installation process, the installer will ask for a “Service Account Password”, select “automatic startup” then click install. Exit the installer when finished.

Step 4: Open the Command Prompt as Administrator / Run as Administrator and type the following commands :
cd c:\windows\System32\dns\bin (press enter)
wrote key file “C:\Windows\system32\dns\etc\rndc.key”

rndc-confgen -a (press enter)

Step 5: Close the command Prompt

 

 

 

 

 

 

 

 

 

 

 

Now there should be six files existed in the folder c:\windows\system32\dns\etc as shown in the picture below, except session.key file.

BIND9 Files

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

=

Note that The file “rndc.key” file has been created step 4.

Step 6: Open Notepad (Run as Administrator) and copy and paste the following:

options {directory "c:\windows\system32\dns\etc";
pid-file none;
version "not currently available";
listen-on { 127.0.0.1; 192.168.0.0/24; 180.216.59.213; };
};

controls {
inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

key "rndc_key" {
algorithm hmac-md5;
secret "o690RparSJLi5da4mjPB/Q==";
};

zone "." IN {
type hint;
file "root.hints";
};

zone "localhost" IN {
type master;
file "zone.localhost";

allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "revp.127.0.0";
allow-update { none; };
};

include "filter.conf";

Note that before saving this file it is need to change the key string secret “o690RparSJLi5da4mjPB/Q==” to the same key string found in your file “rndc.key”. The key in your rndc.key file will be different to the one shown here. To get the key, open rndc.key file using Notepad and copy & paste the appropriate key for your system.

Also, it is needed to change the line listen-on { 127.0.0.1; 192.168.0.0/24; 180.216.59.213; }; with the corresponding IP address(es) that match the network where the caching DNS will be used.

Save the file as named.conf (Note: Run Notepad as Administrator to have rights to write or save at c:\Windows\System32\dns\etc\)

Step 7: Create a new file using Notepad and copy & paste the following root hints information into the file.

; <<>> DiG 9.3.2 <<>> NS . @m.root-servers.net
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1378
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 15

;; QUESTION SECTION:
;.                IN    NS

;; ANSWER SECTION:
.            518400    IN    NS    A.ROOT-SERVERS.NET.
.            518400    IN    NS    I.ROOT-SERVERS.NET.
.            518400    IN    NS    C.ROOT-SERVERS.NET.
.            518400    IN    NS    H.ROOT-SERVERS.NET.
.            518400    IN    NS    M.ROOT-SERVERS.NET.
.            518400    IN    NS    E.ROOT-SERVERS.NET.
.            518400    IN    NS    K.ROOT-SERVERS.NET.
.            518400    IN    NS    L.ROOT-SERVERS.NET.
.            518400    IN    NS    B.ROOT-SERVERS.NET.
.            518400    IN    NS    J.ROOT-SERVERS.NET.
.            518400    IN    NS    D.ROOT-SERVERS.NET.
.            518400    IN    NS    G.ROOT-SERVERS.NET.
.            518400    IN    NS    F.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.    3600000    IN    A    198.41.0.4
B.ROOT-SERVERS.NET.    3600000    IN    A    192.228.79.201
C.ROOT-SERVERS.NET.    3600000    IN    A    192.33.4.12
D.ROOT-SERVERS.NET.    3600000    IN    A    128.8.10.90
E.ROOT-SERVERS.NET.    3600000    IN    A    192.203.230.10
F.ROOT-SERVERS.NET.    3600000    IN    A    192.5.5.241
G.ROOT-SERVERS.NET.    3600000    IN    A    192.112.36.4
H.ROOT-SERVERS.NET.    3600000    IN    A    128.63.2.53
I.ROOT-SERVERS.NET.    3600000    IN    A    192.36.148.17
J.ROOT-SERVERS.NET.    3600000    IN    A    192.58.128.30
K.ROOT-SERVERS.NET.    3600000    IN    A    193.0.14.129
L.ROOT-SERVERS.NET.    3600000    IN    A    199.7.83.42
M.ROOT-SERVERS.NET.    3600000    IN    A    202.12.27.33

When done, save the file as root.hints at C:\Windows\System32\dns\etc\.

Step 8: Create a new file using Notepad and copy & paste the following zone localhost information into the file.

;
; loopback/localhost zone file
;
$TTL 1D
$ORIGIN localhost.
@              IN  SOA   @  root (
1   ; Serial
8H  ; Refresh
15M ; Retry
1W  ; Expire
1D) ; Minimum TTL
IN   NS   @
IN   A    127.0.0.1

When done, save the file as zone.localhost at C:\Windows\System32\dns\etc\.

Step 9: Create a new file using Notepad and copy & paste the following information into the file.

;
; reverse pointers for localhost
;
$TTL 1D
$ORIGIN 0.0.127.in-addr.arpa.
@    IN   SOA  localhost. root.localhost. (
1    ; serial
8H   ; refresh
15M  ; retry
1W   ; expire
1D ) ; minimum
IN   NS   localhost.
1    IN   PTR  localhost.

When done, save the file as revp.127.0.0 at C:\Windows\System32\dns\etc\.

Step 10: Create a new file using Notepad and leave it empty (a blank file). Save the file as filter.conf at C:\Windows\System32\dns\etc\. It is an empty file and It will be filled with filter information if Bind9 is to be used to block adverts.

Step 11: Starting BIND9. In order to start the new BIND9, Open a Command Prompt (Run as Administrator) and type the following:

services.msc (press enter)

This will open Windows Services list as shown below.

Windows Services List

Windows Services List


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

=

Scroll to find ISC BIND service line (as shown in the picture above), then right-click to open Properties dialog box for ISC BIND.

BIND9 Properties

BIND9 Properties

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Set the option Startup type to Automatic and click Start button to start ISC BIND for the first time. If there are no errors, BIND9 will be started and the Service status will changed from Stopped to Started.

If there is an Windows error message saying: Windows could not start the ISC BIND on Local Computer. Error 1067: The process terminated unexpectedly. Then check Log On Properties for ISC BIND. Click on the Log On tab in the Properties window and check that log-on setting matched the one shown below.

BIND9 Properties

BIND9 Properties

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Click OK to close the Properties window and try to restart ISC BIND via Services window again. When done, BIND9 is now running in local computer (127.0.0.1) and ready to be used.

To test or use BIND9 as a personal DNS Caching server at the computer in which it is installed, put 127.0.0.1 as Preferred DNS server in the network setting of the computer.

Reference page: http://npr.me.uk/installdns.html

Generating Self-Signed Certificate in XAMPP Win32 for Apache Web Server

Below are the steps and additional information used to generate self-signed certificate and keys for Apache Web server in XAMPP for Win32 platform.

#Step 1: Generate a Private Key
C:\xampp\apache\bin>openssl genrsa -des3 -out server.key 1024     
Loading ‘screen’ into random state – done
Generating RSA private key, 1024 bit long modulus
…………………………………………………++++++
……………………………………++++++
e is 65537 (0×10001)
Enter pass phrase for server.key: xxxxxxxx
Verifying – Enter pass phrase for server.key: xxxxxxxx

#Step 2: Generate a CSR (Certificate Signing Request)
C:\xampp\apache\bin>openssl req -new -key server.key -config “C:\xampp\php\extras\openssl\openssl.cnf” -out server.csr              
Enter pass phrase for server.key:  xxxxxxxx
Loading ‘screen’ into random state – done
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:Western Australia
Locality Name (eg, city) []:Perth
Organization Name (eg, company) [Internet Widgits Pty Ltd]:LatunyJ Corporation
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, YOUR name) []:latunyj.no-ip.org
Email Address []:latunyj@hotmail.com

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: xxxxxxxx
An optional company name []:LatunyJ Corporation

#Step 3: Remove Passphrase from Key
C:\xampp\apache\bin>copy server.key server.key.org                                                                                  
1 file(s) copied.

C:\xampp\apache\bin>openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:
writing RSA key

#Step 4: Generating a Self-Signed Certificate
C:\xampp\apache\bin>openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Loading ‘screen’ into random state – done
Signature ok
subject=/C=AU/ST=Western Australia/L=Perth/O=LatunyJ Corporation/OU=Information Technology/CN=latunyj.no-ip.org/emailAddress=latunyj@hotmail.com
Getting Private key

#Step 5: Installing the Private Key and Certificate
C:\xampp\apache\bin>copy server.crt c:\xampp\apache\conf\ssl.crt
C:\xampp\apache\bin>copy server.key c:\xampp\apache\conf\ssl.key

#Step 6: Restart Apache and Test 
Restart Apache

References:
http://www.akadia.com/services/ssh_test_certificate.html
http://www.opencodez.com/apache/ssl-certificate-and-install-in-xampp.htm

Installing GeoIP database in Ubuntu 10.04

These are the steps used to install free version of Maxmind GeoIP database which is used to get the location information of an Internet Protocol Address (IP Address) through a query using PHP.

Install geoip for php5 by using the command: sudo apt-get install php5-geoip
Restart apache2 server by using the command: sudo /usr/sbin/apache2ctl graceful

Next, getting the geoip database itself by issuing the command: wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz

Further, it is needed to unzip the database by using the command: gunzip GeoLiteCity.dat.gz
Create a directory/folder to put the database: sudo mkdir -v /usr/share/GeoIP
Move the database to its position: sudo mv -v GeoLiteCity.dat /usr/share/GeoIP/GeoIPCity.dat

To use the installed geoip database, construct a simple PHP file (i.e., testgeoip.php) and copy the following codes and paste into the testgeoip.php

//content of testgeoip.php

<?php
$trace_ip_addr = ‘180.216.59.213’; // put any chosen IP address here
$geoinfo = geoip_record_by_name(”.$trace_ip_addr.”);
echo “Raw GeoIP information for:  $trace_ip_addr \n\n”;
print_r($geoinfo);
?>

Run the file within the terminal by issuing the command: php testgeoip.php or put the file in www root folder of a web server and open it using a browser.

>> To test how a GeoIP database is implemented using PHP to be accessed via browser, click here.

Ref: http://php.net/manual/en/geoip.setup.php

Mail Server with Postfix, Dovecot and MySQL on Ubuntu 10.04 LTS using Virtual Domain

=== Install Packages ===
Let’s start by installing the corresponding packages needed for a virtual mail server in Ubuntu 10.04 by issuing the following install commands:

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server dovecot-common dovecot-imapd dovecot-pop3d libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql

First set proper server hostname with its FQDN (Fully Qualified Domain Name).
hostname -f unpatti.inherent-dikti.net

=== MySQL: Create Database, Tables and Users ====
Login to MySQL and create corresponding database, tables and users:

CREATE DATABASE mail;
USE mail;

GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mailadmin’@’localhost’ IDENTIFIED BY ‘password’;
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mailadmin’@’localhost.localdomain’ IDENTIFIED BY ‘password’;
FLUSH PRIVILEGES;

CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );
CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );
CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );
CREATE TABLE transport ( domain varchar(128) NOT NULL default ”, transport varchar(128) NOT NULL default ”, UNIQUE KEY domain (domain) );
quit

=== Create Configuration files ===

nano /etc/postfix/mysql-virtual_domains.cf
Copy and paste the following contents, change somepassword to an appropriate one.

user = mailadmin
password = somepassword
dbname = mail
query = SELECT domain AS virtual FROM domains WHERE domain=’%s’
hosts = 127.0.0.1

nano /etc/postfix/mysql-virtual_forwardings.cf
Copy and paste the following contents, change somepassword to an appropriate one.

user = mailadmin
password = somepassword
dbname = mail
query = SELECT destination FROM forwardings WHERE source=’%s’
hosts = 127.0.0.1

nano /etc/postfix/mysql-virtual_mailboxes.cf
Copy and paste the following contents, change somepassword to an appropriate one.

user = mailadmin
password = somepassword
dbname = mail
query = SELECT CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’) FROM users WHERE email=’%s’
hosts = 127.0.0.1

nano /etc/postfix/mysql-virtual_email2email.cf
Copy and paste the following contents, change somepassword to an appropriate one.

user = mailadmin
password = somepassword
dbname = mail
query = SELECT email FROM users WHERE email=’%s’
hosts = 127.0.0.1

Set proper permissions and ownership for these configuration files by issuing the following commands:
chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf

create a user and group for mail handling. All virtual mailboxes will be stored under this user’s home directory.

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

Issue the following commands to complete the remaining steps required for Postfix configuration, be sure to replace “unpatti.inherent-dikti.net” with the fully qualified domain name for your system mail name.

postconf -e ‘myhostname = unpatti.inherent-dikti.net’
postconf -e ‘mydestination = ‘
mynetworks = 127.0.0.0/8 [::1]/128
postconf -e ‘message_size_limit = 30720000′
postconf -e ‘virtual_alias_domains =’
postconf -e ‘virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf’
postconf -e ‘virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf’
postconf -e ‘virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf’
postconf -e ‘virtual_mailbox_base = /home/vmail’
postconf -e ‘virtual_uid_maps = static:5000′
postconf -e ‘virtual_gid_maps = static:5000′
postconf -e ‘smtpd_sasl_auth_enable = yes’
postconf -e ‘broken_sasl_auth_clients = yes’
postconf -e ‘smtpd_sasl_authenticated_header = yes’
postconf -e ‘smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination’
postconf -e ‘smtpd_use_tls = yes’
postconf -e ‘smtpd_tls_cert_file = /etc/postfix/smtpd.cert’
postconf -e ‘smtpd_tls_key_file = /etc/postfix/smtpd.key’
postconf -e ‘virtual_create_maildirsize = yes’
postconf -e ‘virtual_maildir_extended = yes’
postconf -e ‘proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps’
postconf -e virtual_transport=dovecot
postconf -e dovecot_destination_recipient_limit=1

Example of my Postfix main.cf contents are shown below.
=================== Example of MAIN.CF =====

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA’s job.
append_dot_mydomain = no

# Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = unpatti.inherent-dikti.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
#inet_protocols = all

# Virtual Mailbox Domain Settings

virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_limit = 51200000
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_transport = dovecot

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
inet_protocols = all
message_size_limit = 30720000
virtual_alias_domains =
smtpd_sasl_authenticated_header = yes
virtual_maildir_extended = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
dovecot_destination_recipient_limit = 1
html_directory = /usr/share/doc/postfix/html

=================== End of Example of MAIN.CF =====

Create an SSL Certificate for Postfix ===
Issue the following commands to create the SSL certificate:

cd /etc/postfix
openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

Enter the appropriate information for your server, remember to use a FQDN mail name for Common Name line in the place of unpatti.inherent-dikti.net

Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Maluku
Locality Name (eg, city) []:Ambon
Organization Name (eg, company) [Internet Widgits Pty Ltd]:UNPATTI
Organizational Unit Name (eg, section) []:INHERENT
Common Name (eg, YOUR name) []:unpatti.inherent-dikti.net
Email Address []:postmaster@unpatti.inherent-dikti.net

Set proper permissions for the key file by issuing the following command:
chmod o= /etc/postfix/smtpd.key

=== Configure saslauthd to use MySQL ===

Create a directory for saslauthd:
mkdir -p /var/spool/postfix/var/run/saslauthd

Make a backup copy of the /etc/default/saslauthd:
cp -a /etc/default/saslauthd /etc/default/saslauthd.bak

Edit the file /etc/default/saslauthd to match the configuration shown below.
nano /etc/default/saslauthd
Copy and paste the following contents.

START=yes
DESC=”SASL Authentication Daemon”
NAME=”saslauthd”
MECHANISMS=”pam”
MECH_OPTIONS=””
THREADS=5
OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r”

Create the file /etc/pam.d/smtp and copy in the following two lines. Be sure to change “mailadmin_password” to the password you chose for your mail administration of MySQL user.
nano /etc/pam.d/smtp
Copy and paste the following contents.

auth    required   pam_mysql.so user=mailadmin passwd=somepassword host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mailadmin passwd=somepassword host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

Create a file named /etc/postfix/sasl/smtpd.conf with the following contents. Be sure to change “somepassword” to the password you chose for your mail administration of MySQL user.
nano /etc/postfix/sasl/smtpd.conf
Copy and paste the following contents, change somepassword to an appropriate one.

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mailadmin
sql_passwd: somepassword
sql_database: mail
sql_select: select password from users where email = ‘%u’

Set proper permissions and ownership for these configuration files:
chmod o= /etc/pam.d/smtp
chmod o= /etc/postfix/sasl/smtpd.conf

Add the Postfix user to the sasl group and restart Postfix and saslauthd by issuing the following commands:
adduser postfix sasl
service postfix restart
service saslauthd restart

=== Configure Dovecot ===
Edit the file /etc/postfix/master.cf
nano /etc/postfix/master.cf
Add the dovecot service content to the bottom of the file.

dovecot   unix  –       n       n       –       –       pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

Make a backup copy of /etc/dovecot/dovecot.conf file.
cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.bak

Edit /etc/dovecot/dovecot.conf file.
nano /etc/dovecot/dovecot.conf

Replace the contents of the file with the following example, substituting your system’s domain name to replace unpatti.inherent-dikti.net
Copy and paste the following contents.

protocols = imap imaps pop3 pop3s

log_timestamp = “%Y-%m-%d %H:%M:%S “
mail_location = maildir:/home/vmail/%d/%n/Maildir

ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem

namespace private {
separator = .
prefix = INBOX.
inbox = yes
}

protocol lda {
log_path = /home/vmail/dovecot-deliver.log
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address = postmaster@unpatti.inherent-dikti.net
mail_plugins = sieve
global_script_path = /home/vmail/globalsieverc
}

protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}

auth default {
user = root

passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}

userdb static {
args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}

socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
}

client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}

MySQL will be used to store password information, so /etc/dovecot/dovecot-sql.conf must be edited.
Make a backup copy of the existing file.
cp -a /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.bak

Replace the contents of the file with the following example, making sure to replace “mailadmin_password” with your mail password.
nano /etc/dovecot/dovecot-sql.conf

driver = mysql
connect = host=127.0.0.1 dbname=mail user=mailadmin password=somepassword
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email=’%u’;

Dovecot has now been configured. You must restart it to make sure it is working properly:
service dovecot restart

Check the /var/log/mail.log to make sure dovecot started without errors.
tail /var/log/mail.log

The log should have lines similar to the following:
Aug  1 22:16:32 unpatti dovecot: Dovecot v1.2.9 starting up (core dumps disabled)
Aug  1 22:16:32 unpatti dovecot: auth-worker(default): mysql: Connected to 127.0.0.1 (mail)

Change the permissions on /etc/dovecot/dovecot.conf to allow the vmail user to access them:

chgrp vmail /etc/dovecot/dovecot.conf
chmod g+r /etc/dovecot/dovecot.conf

Test the POP3 server to make sure it’s running properly
telnet localhost pop3

=== Configure Mail Aliases ===

nano /etc/aliases
Copy and paste the following contents.

postmaster: root
root: postmaster@unpatti.inherent-dikti.net

Run the following commands to update aliases and restart Postfix:

newaliases
service postfix restart

=== Testing Postfix section ===

To test Postfix for SMTP-AUTH and TLS, issue the following command:
telnet localhost 25

While connected to Postfix, issue the following command:
ehlo localhost

Check the output, you should see the line “250-STARTTLS” included.
Issue the command quit to terminate the Postfix connection.

Setting up Domains and Users ===
Login to MySQL to create domain and email user name / address:

mysql -u root -p

USE mail;
INSERT INTO domains (domain) VALUES (‘unpatti.inherent-dikti.net’);
INSERT INTO users (email, password) VALUES (‘admin@unpatti.inherent-dikti.net’, ENCRYPT(‘somepassword’));
INSERT INTO users (email, password) VALUES (‘postmaster@unpatti.inherent-dikti.net’, ENCRYPT(‘somepassword’));
INSERT INTO users (email, password) VALUES (‘hostmaster@unpatti.inherent-dikti.net’, ENCRYPT(‘somepassword’));
INSERT INTO users (email, password) VALUES (‘latunyj@unpatti.inherent-dikti.net’, ENCRYPT(‘mypassword’));
quit

Replace the above email addresses and passwords that suits your system.

it is needed to send a welcome message to new email accounts before they can be accessed via IMAP or POP3. This is because the mailboxes for new users will not be created until an email is received for them.

=== Check Mail Server Logs ===
After welcome / test mail had been sent the test mail, you’ll want to check your error logs to make sure the mail was delivered. First check your mail.log located in /var/log/mail.log. You should see something similar to the following:

Aug  1 23:45:54 unpatti postfix/cleanup[7383]: 0E631400968: message-id=<5162.180.216.122.76.1312260058.squirrel@latunyj.no-ip.org>
Aug  1 23:45:54 unpatti postfix/qmgr[7168]: 0E631400968: from=<beta@latunyj.no-ip.org>, size=1516, nrcpt=1 (queue active)
Aug  1 23:45:55 unpatti postfix/pipe[7384]: 0E631400968: to=<latunyj@unpatti.inherent-dikti.net>, relay=dovecot, delay=2.7, delays=2.6/0.01/0/0.14, dsn=2.0.0, status=sent (delivered via dovecot service)
Aug  1 23:45:55 unpatti postfix/qmgr[7168]: 0E631400968: removed

cat /home/vmail/dovecot-deliver.log

Next, check the Dovecot delivery log located in /home/vmail/dovecot-deliver.log. The contents should look similar to the following:

2011-08-01 23:45:55 deliver(latunyj@unpatti.inherent-dikti.net): Info: msgid=<5162.180.216.122.76.1312260058.squirrel@latunyj.no-ip.org>: saved mail to INBOX

=== Test the Mailbox ===

cd /home/vmail/unpatti.inherent-dikti.net/latunyj/Maildir
find

The output similar to the following should be seen:
.
./new
./new/1312209954.M981760P7385.unpatti.inherent-dikti.net,S=1571,W=1604
./cur
./dovecot.index.log
./dovecot-uidlist
./dovecot-uidvalidity
./tmp
./dovecot-uidvalidity.4e36bc22

Up to this section the mail server using Virtual Domain with Postfix, MySQL and Dovecot is ready. Squirrelmail can be installed to provide a web-based mail access to users.

Reference: http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid

MATLAB Compiler Installation (Win32)

I want to be able to run Matlab a m-file as an executable file (exe) in Windows, hence it is not needed to open Matlab. That means that I need to compile the corresponding Matlab m-file to an Windows executable file, therefore it is needed to compile the m-file to exe file. In addition, by having a compiled exe file, it can be used in other computers which have no Matlab installed.

The process of installing and using Matlab compiler is as follow;

Exit Matlab if it is running.

Install: MCRInstaller.exe which is located in:
C:\Program Files\MATLAB\R2008b\toolbox\compiler\deploy\win32\MCRInstaller.exe

Start Matlab an issue the following command:

>> mbuild -setup

Please choose your compiler for building standalone MATLAB applications:

Would you like mbuild to locate installed compilers [y]/n? y

Select a compiler:
[1] Lcc-win32 C 2.4.1 in C:\PROGRA~1\MATLAB\R2008b\sys\lcc

[0] None

(choose available compiler, in this case 1)

Compiler: 1

Please verify your choices:

Compiler: Lcc-win32 C 2.4.1
Location: C:\PROGRA~1\MATLAB\R2008b\sys\lcc

Are these correct [y]/n? y

Trying to update options file: D:\Documents and Settings9871962\Application Data\MathWorks\MATLAB\R2008b\compopts.bat
From template:              C:\PROGRA~1\MATLAB\R2008b\bin\win32\mbuildopts\lcccompp.bat

Done . . .

Now you can compile any Matlab m-files into a standalone exe files in Windows. For example, to compile m-file called

myfile, issue the following command:

>>mcc -m myfile.m (enter)

If there are no error, Matlab will generate myfile.exe and
return to its normal prompt >>.