Saturday, December 20, 2014

Low Cost Optical Fusion Splicer from SKYCOM


SKYCOM Low cost Optical fusion splicer available. 
For order, please contact:
Computer Solutions, Imphal.
Authorised Dealer of SKYCOM
Email :
Phone : 9862005710

Sunday, April 20, 2014

Convert MBR to GPT without data loss using Gptgen

Using this method you can convert MBR to GPT without loosing data, using a command line utility called gptgen. Gptgen is a tool designed to non-destructively convert Hard Disk partitioned in the common, “MSDOS-style” MBR scheme (including extended partitions) to use a GUID partition table (GPT). It’s a very extensive tool but a bit complicated to run. According to the tool’s ‘read me’ file, the syntax of the tool is “gptgen [-w] \\.\physicaldriveX”, where X is the drive number reported by the Disk Management console or the “list disk” command of the DISKPART utility. The -w option makes gptgen write the generated GUID partition tables to the disk, otherwise the primary table will be written to a file named “primary.img“, and the secondary table to “secondary.img“, in the directory that the program was invoked from. You can then use e.g. dd to write the tables to the disk. You can download GPTGEN from

Sunday, March 16, 2014

Redirect HTTP for Block Customers on Mikrotik

One common question I see on forums and other places is how you can use Mikrotik to redirect non-paying users to a “pay me now” page.  This tutorial will cover one of the methods that you can use to accomplish this seemingly confusing function.

The easiest method to accomplish this function is using the web proxy (in transparent mode).  We will use an address list to keep a list of users who will be redirected.  If you are using PPPoE, you can just as easily create a profile for disconnected users that pulls IP addresses from a pool of addresses that will be redirected.  This approach is much easier for PPPoE users for whom you currently provide dynamic IP addresses.

So first, let’s look at creating the address list.  This is very easily done via command line as follows:

/ip firewall address-list

add disabled=no list=disconnected address= comment="disconnected user 1"

add disabled=no list=disconnected address= comment="disconnected user 2"

It’s as easy as that.  As you can see, there are 2 addresses being added to the list we will later use to redirect to the proxy server.  If you are running PPPoE server and wish to create a pool of addresses to redirect, you first need to create the pool as follows:

/ip pool

add name=disconnected-pool ranges=

Then, you create the profile as follows:

/ppp profile

add name=disconnected local-address= remote-address=disconnected-pool

Once this profile is created, you simply change the user you wish to disconnect to use the profile called “disconnected”.  How you accomplish that is dependant upon whether you use the local database of users (/ppp secrets) or radius.  It is beyond the scope of this tutorial to discuss how to do this in a radius server, as there are a number of server platforms and each will have it’s own unique methods.

At this point, you should build the web page that you want users to see.  It is very important that you pay careful attention to securing the proxy.  I recommend securing the proxy both by web proxy configuration AND ensuring nothing gets past by using IP Firewall Filters (not covered in this tutorial).  Here is the configuration for web-proxy:

/ip proxy set enabled=yes port=8080

/ip proxy access
add action=allow disabled=no dst-port=80
add action=deny disabled=no dst-port=80 \
add action=deny disabled=no

This configuration configures the proxy to operate on port TCP/8080.  Additionally, any user redirected to this proxy will have their port tcp/80 traffic redirected to the page  The like that allows access to is there in order to permit the loading of images from that server by the proxy clients.  The final configuration denys ALL other access to the proxy.  As stated earlier, you will want to add the firewall filters to further secure the proxy, but this is the only configuration that is necessary.  Also, you will need to alter the above configuration to point to the page you created and wish users to see.

Finally, the only remaining configuration is to actually redirect users to the proxy and corral their traffic.  We do this in the firewall under filters to corral the traffic and under nat to redirect.  Let’s look at the filter first:

/ip firewall fitler

add chain=disconnected protocol=udp dst-port=53 action=accept comment="Users need DNS to work"
add chain=disconnected protocol=tcp dst-port=80 action=accept comment="We need port 80 to work"
add chain=disconnected action=drop comment="NOTHING ELSE for disconnected users"
add chain=forward src-address-list=disconnected action=jump jump-target=disconnected \
  comment="Redirect disconnected users to the disconnected chain"

If you are redirecting users from the PPPoE pool INSTEAD of disconnected address list, then replace “src-address-list=disconnected” with “src-address=” (assuming you are using the same pool I described above) in that last command.  These commands will permit ONLY port 80, the default http port, to function for these users.  Additionally, we permit their DNS to work, as this is necessary for them to access any web pages.  If you look under IP->Firewall->Filter (in winbox), you should be able to drag that last rule to the top of the list.  Be certain you don’t alter the order of the other rules in the disconnected chain.

Finally, all that’s left is to actually perform the redirect.  As I stated earlier, this is done in NAT.  Specifically, it is dst-nat.  The rule looks like this:

/ip firewall nat

add chain=dstnat protocol=tcp dst-port=80 src-address-list=disconnected action=redirect to-ports=8080

Again, replace the src-address-list argument with the src-address as in the forward chain if you need to.  This rule will send all http (tcp port 80) traffic from users in the disconnected address list to the proxy.  The proxy is configured to “deny all activity from users by redirecting them to your nonpayers.html page”.  The end result is users will see your nonpay page no matter WHAT they try to view in their browser.  It should be noted that if the user has an SSL page (https) as their home page, they will get an error in their browser, since we are dropping all traffic except tcp port 80.

Thursday, February 6, 2014

Setup SYSLOG with LogAnalyzer on Ubuntu Server

In this post I will cover.
1) Setting up a syslog server to log messages from local and remote sources.
2) Setup a GUI front end showing syslog items.
I’ve done this on Ubuntu Server 12.04.
First we need to get some items loaded. We will load these right from the repository.
agp-get update
apt-get install build-essential apache2 php5 php5-gd libapache2-mod-php5 mysql-server php5-mysql rsyslog
Edit /etc/rsyslog.conf and uncomment or add the following. This will set the server to accept inbound syslog messages on UDP port 514.
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
Next, since the log analyzer runs on php, we need to tell apache how to handle php pages. Edit /etc/apache2/apache2.conf and add in the following item underneath “DefaultType None”
DefaultType text/plain
Addtype application/x-httpd-php .php
Note: If this step is not done properly, you will get a message when loading the syslog web page prompting you to save the file instead of Apache displaying the file.
Now on to the LogAnalyzer.
Download the latest log analyzer from the adiscon web site at
cd /opt
Unzip and extract the file.
gunzip loganalyzer-3.6.5.tar.gz 
tar -xvf loganalyzer-3.6.5.tar 
Copy the LogAnalyzer /src/ folder to the Apache www root or subfolder, copy the install script, make executable, and run the install scripts. It’s important to run the configure script from the same directory that will hold the syslog php files.
mkdir /var/www/syslog
cp -r /opt/loganalyzer-3.6.5/src/* /var/www/syslog
cp -r /opt/loganalyzer-3.6.5/contrib/*.sh /var/www/syslog
chmod +x /var/www/syslog/*.sh
cd /var/www/syslog/
Grant Apache access to syslog.
usermod -G adm www-data
Use a web browser to hit the new web service at http://syslogserverip/syslog/index.php. The page will show a message stating the service is not configured. Follow the steps to setup your syslog front end.