Saturday, May 27, 2017

Openmediavault notes

Openmediavault is an opensource nas system that supports intel and arm.

Most notes here will be related to the Friendlyarm Nanopi Neo and Nanopi Neo2

First tests with v1.0 media dock had some problems.  The USB port on the dock board worked, but the original attempt to use a Seagate 2tb drive didn't work.

After much help from Friendlyarm and debugging the kernel, it appeared that there was a probably known bug manifested for the drive in this case.  Will be testing later with other drives and also new builds of the kernel as well to see if that problem works out.

Great support from Friendlyarm in working on this.

V1.0 JM20329 SATA -> USB bridge.  The board has a 12V supply which runs both the SATA drive and the NEO or NEO2 board.

Updates for V1.2 to follow.

The Friendlyarm NEO and NEO2 both have debian builds with openmediavault already built.  Most of the instructions for installing the OMV on the Intel or generic build up install can be ignored, because as supplied, the Friendlyarm images have been installed with generic settings, then the SD images saved.

The instructions below have instructions on a "from bare metal" install on Intel and perhaps others, and the info for configuring the Openmediavault post install from the web interface is the reason for including the links or information here.


Howto forge page on installing scratch openmediavault.

Current OMV version for NEO2 in use:

5/25/2017, link below

Thursday, May 25, 2017

c# json. Converting json to c#; convert xml to c#

For those who land here from google searching for the reverse
(generate the C# class from JSON) - I use those fine online tools:
From reverse jsonclassgenerator tool is great. Another simple option is to use Edit->Paste Special-> Paste JSON as Classes in Visual Studio. This creates a class too! Quite handy sometimes. – sandiejat Mar 16 at 5:25
Json <--> csharp

Tuesday, May 16, 2017

Ebay history download tool

Ebay doesn't let you download your buy history.  This tool exports it in various formats.

The most useful being xml.  However the XML is actually exported as a multivalue format,
and generic parsers do not get it right.

schema is:


within each <items> object there are multiple <item> objects each representing a separate transaction with the vendor of <items> object.  So a multi-valued database would have no problem.  However
linear xml parsing results in a mess if translating later to such as an XML or flat file.

however beats nothing as an export tool

There is a chrome plugin called "ebay purchase history report". This is the best I have found so far. Only problem is it does not show the tracking# of the ordered item.

Friday, May 5, 2017

Replies to Zos messages

Issue is how to reply to messages.  

All replies to messages in z/OS (and other versions of MVS) are done with
the reply command. The command is issued as "R <id>,<text>", where <id> is
the reply ID printed next to the message and <text> is the text of the
reply. There's no reply ID shown next to this message because the reply ID
at NIP time (before the full console display is redrawn) is always 00. That
means you need to enter the command as "R 00,'I'" (without the "").

Thursday, April 27, 2017

Ubuntu 16.04 exfat mount with ntfs. 128gb SD cards example

How to Mount EXFAT partition on Ubuntu 16.04 LTS

To mount exfat partition on Ubuntu, simply install the necessary packages:
$ sudo apt-get install exfat-fuse exfat-utils

If you need to mount it from the command line, you could do
$ sudo mkdir /media/exfat
$ sudo mount -t exfat /dev/sdxx /media/exfat
where /dev/sdxx could be /dev/sda1 or /dev/sda2, or so on.

If you are not sure whether the exfat partition you are looking for is /dev/sda1 or /dev/sda2, then you could also run
This should do it! 

The ghome-disks utility can also be used to start and mount this.  Since it is /dev/mmc and not /dev/sd, the system will probably have it assumed to be system owned, and will mount under root ownership only.

You can follow the above, but will then have to do a lot of crap with permissions to the mount.  If it were or is a fixed mount and not the automount /media mechanism one can do that once.  However it will be reset on every mount and be inconvenient.

Solution might be to use gnome-disks.  That has a problem however.  The FUSE exfat driver and the above asset is root owned.  Gnome-disks will not access and mount it due to the system ownership problem

So use a utility to run gnome kit stuff from a command line as su root.

apt-get -y install gksu

installs the gksudo and other stuff.

gksudo gnome-disks will mount the device and make it properly available.

Note that sudo gnome-disks makes the thing root owned again, since you are running as root user in the desktop.  gksudo will run as root, but effectivly as the user desktop user id.

Thursday, April 20, 2017

support for ancient ubuntu releases

I've got a couple of machines that probably won't upgrade nicely, and the "gee why can't you upgrade them" comments are useless.  The ones I had were appliance downloads popular at the time I obtained them, and there was not the usual trail of how they were built accompanying them.

since one is my email archive I will continue to run it till SMTP POP3 and IMAP protocols die without any update.

Here is a link which worked for my oldest version, hardy, which is Ubuntu 8.  The date of the release is to probably 2006 maybe earlier.

Here is the most useful answer (including the useless suggestion to update). 


Your system is End-of-Line (EOL), therefore not officially supported. Unless you have a good reason for sticking with 9.04, upgrade to a newer version. 16.04 is the next long-term supported release for Ubuntu, which will continue to receive updates.
To access old Ubuntu repositories, take a look at
There is also an official Ubuntu documentation for EOL upgrades
They say you should be able to access your packages by putting the following into /etc/apt/sources.list. Important: Change CODENAME to your distribution's code name, e.g. jaunty.

## EOL upgrade sources.list
# Required
deb CODENAME main restricted universe multiverse
deb CODENAME-updates main restricted universe multiverse
deb CODENAME-security main restricted universe multiverse

# Optional
#deb CODENAME-backports main restricted universe multiverse
Just run apt-get update and you can use them.

Thursday, April 6, 2017

Migrating Readynas Radiator to OS 6 Readynas devices

One challenge in migrating from Sparc architecture products, to Intel or other (Arm), is that the Linux file system on sparc was built with a 4k block size, rather than 512.

On Intel linux, if you set up your disks, you can mount them with some incantations and special procedures.  Not sure how the Readynas Linux handles that problem, but there is a link showing it.

I had a bad disk and some problems with the data recovery firmware on a REadynas NV+ some years ago and got the support group to help me get around it.  In the mean time, I had mounted the 4 drives on an Intel linux system I'd built up and had recovered most of the data.

Copy of article for archival:

This articles outlines the necessary steps to access data on disks from ReadyNAS units running RAIDiator on ReadyNAS OS 6 units.
Due to differences in CPU architecture and operating system between RAIDiator and ReadyNAS OS 6, it may be necessary to take additional steps once the disks are moved to an OS 6 chassis.
If your ReadyNAS running RAIDiator is still functional, and you can access the data, we recommended you first backup the data to another location
If you can no longer access the data using your legacy ReadyNAS and you wish to access the data using your ReadyNAS OS 6 device, booting may not be as easy. Depending on which legacy model the disks come from, and which ReadyNAS OS 6 you posses the steps differ to make the data accessible.
After initially moving the disks from the legacy ReadyNAS to the ReadyNAS OS 6 model please be aware of the following items;
  • Do not attempt an OS reinstall
  • Do not attemp a factory reset
  • The RAID must be healthy i.e. if the RAID was broken on the legacy NAS it will not always be possible to access the data on the ReadyNAS OS 6 - an example of this would be 2 failed disks in a 4 disk RAID 5.
  • ReadyNAS OS 6 model must have at least the same amount of drive bays as the legacy ReadyNAS
  • Logging a ticket with Technical Support may be required
  • Purchasing a data recovery contract may be required
  • You may require one additional spare blank disk
  • You may require an external location to where you can recover your data to i.e. external USB HD, network share, other NAS storage.
To find the steps needed to access the data on your ReadyNAS OS 6 device, find your model below:
  • ReadyNAS OS 6
    • ARM
      • ReadyNAS 100 series (RN102, RN104)
      • ReadyNAS 200 series (RN202, RN204)
      • ReadyNAS 210 series (RN212, RN214)
      • ReadyNAS 2120 (RN2120)
    • x86
      • ReadyNAS 300 series (RN312, RN314, RN316)
      • ReadyNAS 500 series (RN516)
      • ReadyNAS 700 series (RN716X)
      • ReadyNAS 3130 (RN3130)
      • ReadyNAS 3138 (RN3138)
      • ReadyNAS 3220 (RN3220)
      • ReadyNAS 4220 (RN4220)
Find the model of your Legacy ReadyNAS running RAIDiator, click on the link and follow the instructions. X represents whether or not your model came with disks.

Tuesday, April 4, 2017

NFS Client and Server setup pages

To set up NFS Client and Server functions on Debian, et. al. here are some notes

NFS Server

apt-get install nfs-kernel-server nfs-common

NFS Client

apt-get install nfs-common


/home/jws ,sync,no_subtree_check)

Other setup details related to mount @ boot time, etc., refer to link below.

Examples above from:

Tuesday, March 28, 2017

Readynas Radiator 4.1 firmware problem with SMB CIFS shares

The changes made to SMB protocol from version 1 to version 3, seems to have killed the share mode of access on readynas older systems.

Switching to user share mode and creating a user is a pain as well.

But the share name is entered as a user id in passwd, but not put up as a user in the gui, which is a huge hole when you switch from share to user.

the only method of fixing it is to install EnableSSHAccess and log in as root.  One can then set an SMB passwd on the shares that exist, and each will be accessible with that passwd on system thru so far and including windows 10.

Also other secured user access is then possible once the sharing is turned on if desired.  The users cannot access others storage w/o using group access features.

Of course this has a possibility of voiding any service you have with Netgear (warranty for 4.x devices is long gone).  But if you have any service agreements, don't do this w/o checking since it may impact your agreements for unauthorized user mods to devices.

To install ssh access for 4.x radiator do the following

Download EnableRootSSHAccess for your architecture from here


Original NV+ and 1100 systems are Sparc.  Pro and Ultra systems on 4.x will be Intel.  I'm not sure if Arm has a 4.x version.  All the ones I've seen with Arm are 6.0


  1. Get the SSH bin file from the ReadyNAS web site. Click the Add-ons for RAIDiator 4.1.3+ link and scroll to the EnableRootSSH link. Download the bin file and store it on your local computer.

  2. Log in as admin on your ReadyNAS using a browser

  3. Update your ReadyNAS firmware (optional). This is under System > Update. Just click the Check for Updates button.

  4. Click the Local tab and click Choose File to find the EnableRootSSH.bin file that you previously downloaded. Upload this and follow the prompts.
 A restart of the Readynas system is required, if you have other users on the device.  (since some windows systems may work).  I doubt if any samba stacks such as one would have with shares on MacOS would work, but they may be impacted.

Install instructions from here;

CIFS mount problem on Linux, Error 12, can't allocate memory error

There is a workaround for this which is in the link below.

What worked however is this:

reg add HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters /v Size /t REG_DWORD /d 3 /f
sc stop  LanmanServer
sc start LanmanServer

Will have to research and update link with whatever is being done, but this worked for mounting my Google driver server windows 7 system.

Windows Xp so far has not shown the problem.  Other options have been necessary too, this is just the latest.

Occured on a Cubox debian Wheezy system on 3/27/2017 for me.


Monday, March 27, 2017

Microdata, Decision Data, and Western Dynex boards

These boards showed up in an auction and Al Kossow kindly directed my attention to the boards, sold after the system was scrapped.

There is a clean set of spares from a 2400 RPM Dynex, probably a 6000 drive, including backplane and terminator.

There is a Decision Data + Intel manufactured processor and memory set, as well as an 8 slot backplane in the lot.

And there is a Microdata manufactured 1600 board set in the lot, but with Decision Data markings in the etch and some of the silkscreens.  This includes a larger 14 slot backplane.

Included in the Microdata set, is a CPU set, DMA board set, 2950 (Decision Data badged), and one (or two) A20002613 8ways.  The 2613 had full modem control.

There is also an 8 port DB 25 board, which should work with any of the 8ways available, hopefully via ribbon cables.

There is an interesting cabling setup with an additional 50 pin connector on the 8 port connector that will have to be investigated.

Both of the backplanes are powered via molex connectors, rather than the Microdata Paddle board approach in the last slot.

Boards from Western Dynex 2400 RPM drive, probably 10mb capacity.

A2 Control

Tag says 2400RPM.  I am going to infer this was for a 10mb (5 over 5) drive, since I doubt many 5mb drives were made at 2400RPM

Closeup of service tag.  shows 2400RPM

Sector Counter A1

Servo A3

Data A4

Backplane, Pin side, showing Terminator and input cable slot

A1 Sector Counter / Control
A2 Control
A3 Servo
A4 Data
Backplane Component side.  Both sides have 3 level WW pins available on all pins

Set of boards in backplane, best guess as to location

Closeup of the shot with the boards in backplane
Only one board identified as Servo is pretty certain.  I guessed from memory on the others.
Closer shot of the boards in backplane

Decision Data processor set

8 Way connector Top 2 cables are probably from 2613.  not sure what the other one did

8 slot backplane.
Since there are no keyways in the backplane, and none on the 2901 cpu set boards, I'm guessing this is the backplane for the newer system.

Also it only hs the single 12 pin Molex power connection.  There is an 8 slot rear of board connector on the memory board below, probably to supply +5 and maybe a minus voltage to the memory array, so the backplane supply is probably enough +and- 12 to run the 2613's and a lot of +5 and ground

2901 cpu and firmware
Sadly one rom is missing, so no firmware disassembly is probably going to happen.
2910 and other logic in second CPU set board
A 40 pin chip / socket has been totally scraped off this, as well as maybe some other damage.  Worst damage of the lot.
Intel Memory board
The Etch shows Intel (in Intel font) made this board.  All the chips are NEC though.  Guess all the work making the board didn't pay off for the Intel memory division, unless they distributed or resold NEC parts.
Memory array on the Intel board
The array is of 16K x 1 parts, and there are 11 parts in each column.  Suggesting single bit correction 2 bit detection ECC capability with the memory.

Total of 64K, which would align with what a Microdata 1621 firmware board would do.
Memory chips with legible part#s
NEC UPD416C-2 parts  Date code 85 maybe on one chip?
NEC UPD416C-2  Link copied 3/2017
NEC UPD416C-2  PDF data sheet link copied 3/2017

200ns 16k x 1 memory Page Mode Dram

Microdata Compatable / manufactured (In*sight) boards

A20002613 8 way with modem control

Microdata A20002515 DMA board

Microdata A20001242 Control CPU board

Microdata A20001043 Data CPU Board

Second A20002613 8 way with modem control

A20001044-1 Front panel interface

14 slot backplane for Microdata CPU. 
From the spacing and practicality of the design, the 1040 front panel board goes in the slot on the left in the backplane.  Microdata had a 12 slot  with 20 amps, and an 18 slot with 40 amps (or 20) of their own.

Some outfit named Elko Pacific made these backplanes.  The connectors do not match the most common Microdata part for their original backplanes.  CDC originated the backplane connector that Microdata used.

This connector may be from a 130 pin connector vendor who made parts for the later Reality 6000's 8000s, and Royale systems.  The 1040 backplane had a heavier bakelite / plastic component.
Closeup of Elko Pacific badge and power input
Serial numbering didn't match the style of Decision data which used such as 111DDxxxx numbering

Also the backplane termination is shown.
This is serialed 6-05607

Closeup showing more etch info
Type A 18801434-2
also various other inspection stickers
111MD01001 is the Decision data style part number and appears to be possibly silkscreened on

Serial I/O DB-25 panel
Will to figure out if there is anything more than a multipurposing of the design to have the extra 50 pin connector.  The Microdata A20002613's would have used two 50 ribbon cables to the board.

Possibly another design board made by Decision Data used just a single 50 and omitted some signals.

When Microdata originally licensed the CPU to people, they had a single port RS232 with modem control board, a 4 way which had no scanner.

There were two 8 port boards with scanners, the 2612 and 2613.  The 2613 was designed by Bill Homans as one of his first projects.  Both of those boards had a scanner feature which was clocked around to present the status lines of each 8way to the software.  There was logic to "lock" the scanner when a line had a status change.  Ports could be disabled, in input listen and lock mode, or in interrupt driven output lock mode.

A single address starting @ 0x18 in the 1600 address space would control the board.  The board had one interrupt for the board, and usually used firmware assist to run the boards.

The original 1600 could run well with the later A20002614 and A20002615 designs, but did not do that well with the 2612 or 2613.

Microdata Reality used the 2614, 2615, and Irvine Computer Corp 80010001 8ways for I/O.

The 2614 and 2615 had only to have ground, transmit and receive to work.

The ICC 8way added flow control in and out in hardware with some additions of hardware to monitor the Reality I/O state.

Friday, March 10, 2017

Notes for running Windows 98 (or older OS's) on Rpi

Snip from a posting about making up a Raspberry Pi running QEMU running Windows 98.  Mainly a QEMU note.

This part needs to be done on a Windows based computer, not the Pi:
I broke out my copy of Windows 98 and followed this chaps guide to get the .img file needed for the emulator, copied it over to my Pi (into ‘/home/pi’ for ease of access).
Now back to the Pi:
Don’t worry about the Youtube video in the post above, that is for an older version of Raspbian, now Jessie has QEMU available and easily obtainable by typing:
sudo apt-get update && sudo apt-get install qemu -y
Time to test it. Navigate to ‘/home/pi’ and run:
qemu-system-i386 -localtime -cpu 486 -m 96 -hda win98.img
QEMU should pop up and begin launching Windows 98, when its loaded have a click around and then shut it down as you would a normal 98 machine.
When QEMU has shut off it’s time to apply…


I just installed debian jessie on a desktop PC. Ran the update and upgrade. And then I simply ran the apt-get install for qemu. That allowed me to do the entire win98 install on the desktop PC.

After installing qemu, I used the following command to create the img file:

qemu-img create win98.img 1G

Then I used the following command to install windows from a win98 ISO created from an original install disk.

qemu-system-i386 -localtime -cpu 486 -m 256 -cdrom d win98se.iso -boot d -hda win98.img

Doing that resulted in a quick, clean, problem-free windows 98 install. It bypassed all the Win98 installation problems I was having on the RPI. And this works much better anyway since the desktop is a much faster PC to work with.

After the win98 install, I took the resulting img file and copied it over to the PI. And then I used these instructions to get qemu running on the PI.

After qemu installed, I used the following command to run 98 on the RPI.

qemu -cpu 486 -m 256 -hda win98.img

It's slow, but seems to work great. The only problem I have found is it does not close cleanly. It always hangs on shutdown which means it always does a scandisk when it restarts. If anyone has any ideas how to fix that, I'd love to hear them.

Tuesday, March 7, 2017

vmx network setting notes

Vmware notes on selecting network adapters

Advanced network settings
VMX-file parameters

Basic setup
MAC address handling
ESX - specific
VMware-tools related Wake on LAN
Advanced setup - experts only Advanced MAC address handling - experts only

other parameters related to network

Basic setup - see basic table for reasonable blocks

ethernet0.present = "false" Main-switch: set to "true" to enable the device.
This parameter works like a mainswitch - if it is set to "true" all other parameters related to the same device are parsed. If it is set to "false" the other parameters are ignored.

ethernet0.startConnected = "true" Silently defaults to "true"
set ito "false" f you don't want the nic to be connected at boot

ethernet0.virtualDev = "vlance"
ethernet0.virtualDev = "vmxnet"
ethernet0.virtualDev = "e1000"
On current VMware-versions you can use any of these 3
e1000 performs best but your OS may not come with the drivers
vmxnet needs drivers that come with the VMware-tools
vlance should work on all older OS without additional drivers

ethernet0.connectionType = "bridged"
ethernet0.connectionType = "hostonly"
ethernet0.connectionType = "nat"
ethernet0.connectionType = "custom"

ethernet0.connectionType = "monitor_dev"
Sets the connection type.
Silently defaults to "bridged"

also see additional notes

ethernet0.vnet = "vmnet0"
ethernet0.vnet = "vmnet9"
Sets the number of the used vmnet.
Only use with connection type "custom"
also see additional notes


MAC-address handling

ethernet0.addressType = "generated"
ethernet0.generatedAddress = "00:0c:29:40:7e:22"
ethernet0.generatedAddressOffset = "0"
This lines are added automatically on first start of a VM.
If you need a different MAC delete this lines and use those from the next block

ethernet0.addressType = "static"
ethernet0.address = "00:50:56:3e:86:29"
This settings have to be used to configure a
MAC-address manually.

Valid range:

ethernet0.addressType = "static"
ethernet0.addressType = "generated"
ethernet0.addressType = "vpx"


advanced MAC-address handling

ethernet0.ignoreMACAddressConflict = "false"
I think this is another silent default - usually a Nic will not come up if the same Mac exists on the network.

ethernet0.noPromisc = "true"
This disables - well have a guess - yes , this disables promiscous-mode.
On Linux hosts you must be root to set nics into promiscous mode - read more

ethernet0.noForgedSrcAddr = "true"
This disables spoofing of Mac-address

ethernet0.reassignMAConResume = "true"
I guess this is another silent default - usually VMware tries to assign the same MAC after resume as it was used before resume.

ethernet0.checkMACAddress = "FALSE"
ESX and WS 6.5 - allows to set a MAC outside the usual range (experimental)
ethernet0.downWhenAddrMismatch = "false"
see knowledgebase


Tools related settings

ethernet0.allowGuestConnectionControl = "false" Disallow control of connection from inside the guest.
(Only works with guests that have VMware tols installed)
Silent default is "true"

ethernet0.disableMorphToVmxnet = "false"
Vlance-nics magically morph to VMXnet nics after tools-install.
Don't use ...


Wake on Lan

ethernet0.wakeOnPcktRcv = "false"
Workstation 6 and higher only
Set to "true" to enable WakeOnLan functions
Don't specify unless you really need it.


ESX specific ?


Ethernet0.connectionType = "monitor_dev"
Ethernet0.devName = "vmnic0"
Ethernet0.networkName = "sciquestprod"
ESX - specific ?


Advanced setup
WARNING: don't use this unless you kow what you are doing





Fine-tuning: don't ask me

ethernet0.features ="0"
Do you get poor UDP-performance with vmxnet-device ?
Try this - see forumpost
May speed up performance when running ghost ...

ethernet0.allow64bitVmxnet = "true"
ethernet0.allow64bitVlance = "true"
ON 64-bit hosts VMware likes to assign E1000 - but you can force it to use different adapters by useing this lines
along with the appropriate virtualDev-entries.

ethernet0.opromsize = ?
Boot ROM size - don't know details

ethernet0.features = "0x2"
Enable TCP Segmentation Offloading (TSO) for a Windows virtual machine on ESX 2.x
Reference: knowledgebase 1465


related parameters

These parameters are somehow related but not dependant on the main-switch that

vlance.noOprom = "true"
vmxnet.noOprom = "true"
Recent VMware-versions allow Network-boot.
If you know that you don't need this, you can free some memory by using this

ethernet.e1000.available = "true"
ethernet.vlance.available = "true"
ethernet.morphNICs = "true"
ethernet.perfMonInterval = ?
Don't use

vnet.dontProbe = "false"
Sometimes Windows-guests have problems to probe the
virtual Nics at boot-time: try this

Don't use it if you don't need it - it affects performance


There are two different ways to assign Virtual Nets:
The easy way uses one out of three options:
ethernet0.connectionType = "bridged"

ethernet0.connectionType = "hostonly"
ethernet0.connectionType = "nat"

The expert way uses a combination of 'connectionType' and "vnet"
ethernet0.connectionType = "custom"
and the exact number of the VNET you want - like
ethernet0.vnet = "vmnet0"
Lets have an example: you have two bridged networks on Player: vmnet0 and vmnet2
If you use
ethernet0.connectionType = "bridged"
ethernet1.connectionType = "bridged"
the second ethernet device will not come up.

If you use
ethernet0.connectionType = "custom" ethernet0.vnet = "vmnet0"
ethernet1.connectionType = "custom"
ethernet1.vnet = "vmnet2"
instead - both devices will come up.

Sunday, March 5, 2017

Notes on disabling pad when USB mouse is plugged in

How To Turn Off Touchpad When Mouse Is Connected In Windows 10/7/8.1

Earlier this year, I talked about configuring Mac OS X to automatically disable the trackpad when a mouse is connected to the MacBook. This feature comes in handy for those users who always use a mouse and don’t want to use the built-in trackpad after connecting the mouse.
In Windows operating system, a graphical option to automatically turn off the touchpad when a mouse is connected can be found under Mouse Properties in Control Panel. In addition to that, if you’re running Windows 8.1 with the recently released August Update, you can now configure Windows 8.1 to automatically turn off the touchpad when a mouse is connected to your netbook or notebook right from PC settings.
If you’re using a notebook or netbook equipped with ELAN or Synaptics touchpad, an option labelled Disable internal pointing device when a mouse is connected should appear under Mouse Properties.\
Following are the steps you need to follow in order to automatically disable touchpad when a mouse is connected in Windows 10, 8/8.1 and Windows 7.

Turn off touchpad when mouse is connected using Control Panel

Method 1 of 4
For Windows 10
Step 1: Open Settings, click Devices icon and then click Mouse & touchpad.
Step 2: Under Touchpad section, turn off the option labelled Leave touchpad on when a mouse is connected.
Method 2 of 4
(This method should work fine on Windows 10, Windows 7, and Windows 8/8.1)
Step 1: Open Control Panel by navigating to Start menu and then clicking Control Panel.
Step 2: Change the default View to Small icons. Look for the entry named Mouse and click on the same to open Mouse Properties.
Step 3: Switch to the ELAN or Device Settings tab and look for an option titled Disable when external USB pointing device plug in or Disable internal pointing device when external USB pointing device is attached. Check the same option and then click Apply button. That’s it!
If the above option isn’t present and you’re laptop is using Synaptics touchpad, you can try out the given below instructions to see the above mentioned option.
Method 3 of 4
NOTE: We recommend you create a backup of Registry before changing default entries.
Step 1: Open Registry Editor. To do so, open Run command by simultaneously pressing Windows + R keys, type Regedit.exe in the field followed by enter key.
Click on the Yes button when you see the UAC prompt.
Step 2: In the Registry Editor, navigate to the following key:
Step 3: On the right-side, create a new DWORD value and rename it as DisableIntPDFeature. Finally, change its value to 33 (make sure that Hexdecimal is selected under Base section).
Step 4: Close the Registry Editor and reboot your PC to see Disable internal pointing device when external USB pointing device is connected option. Good luck!
Method 4 of 4
Disable touchpad when mouse is connected in Windows 8.1
Step 1: Open PC settings. To do so, move the mouse cursor to the upper or lower right corner of the screen to see the Charms bar, click Settings and then click Change PC settings option.
Step 2: On the left-pane of PC settings, click PC and devices, and then click Mouse and touchpad.
Step 3: Here, on the right-side, look for the option titled Leave touchpad on when a mouse is connected and turn off the same to automatically turn off the touchpad when you connect a mouse to your Windows 8.1 notebook or netbook. That’s it!

Monday, February 20, 2017

Openvpn - Ipfire setup

Archive of setup web page

Table of Contents


This tutorial is a follow-up to the Install IPFire Linux Firewall tutorial. The goal is to configure OpenVPN from inside IPFire to support a client-to-network or host-to-net configuration. This can also be referred to as a "road warrior" configuration. It is most often used when you would like to establish a secure connection into the private network from various remote locations. This is in contrast with a network-to-network (site-to-site) configuration where you are linking two private networks that are each protected by IPFire or OpenVPN servers.


Complete part one of the tutorial OR have an available IPFire virtual machine configured in your data center.
Access to the IPFire web interface. (Typically listens on port 444)
Optional: SSH access to the IPFire server. (Typically listens on port 222)

Configure OpenVPN on the IPFire Server

Open Services -> OpenVPN from the top navigation menu once you have logged in as admin.
OpenVPN Services Menu
Click Generate root/host certificates.
OpenVPN Services Main Screen
Fill out the required fields Organization Name and IPFire's Hostname. The hostname should be populated automatically. 2048 is a reasonable value to select from the Diffie-Hellman parameters length drop-down menu.
OpenVPN Generate Certificates
The WARNING in the screenshot above is valid. Generating the root and host certificate can take a long time. If you want to confirm that it is working, open a SSH session to the IPFire server and use the top command to see the openssl process running with significant %CPU activity while the certificates are being generated. The certificate generation process took 10 - 15 minutes to complete for this tutorial.
OpenVPN Generate Certificates top
You will be returned to the Services -> OpenVPN screen once the certificates have been generated. The Certificate Authorities and Keys section will contain new values for Subject and Action.
Click Advanced Server Options.
OpenVPN Generate Certificates done
Under Advanced server options you can select SHA2 (256 bit) for the Hash algorithm and also check the box for HMAC tls-auth. Use the Save advanced options button when you are done.
OpenVPN Advanced Options
Now check the boxes for OpenVPN on RED and LZO-Compression and then press the Save and Start OpenVPN Server buttons. We want to have OpenVPN listening on the "RED" interface so we can establish an OpenVPN connection across the public internet. The "LZO-Compression" option reduces bandwidth usage by compressing traffic that passes over the VPN.
OpenVPN Start
The OpenVPN server will start and this will be reflected by the value of Current OpenVPN server status changing from STOPPED to RUNNING.
OpenVPN Started


Now that OpenVPN has started, you can verify it is listening on port 1194 from the shell using netstat.
[root@ipfire ~]# netstat -na |grep 1194
udp        0      0  *
or using ss with the -u for UDP and -l for LISTEN options, like this:
[root@ipfire ~]# ss -u -l |grep openvpn
State      Recv-Q Send-Q                 Local Address:Port          Peer Address:Port
UNCONN     0      0                       *:openvpn                  *:*

Add a User

In the Connection Status and -Control section, press the Add button to begin the process of adding a new user.
Connection Status Control Add
The Host-to-Net Virtual Private Network (Roadwarrior) connection type should be selected by default. Confirm the selection and press Add to continue.
Connection Status Control Add Host-to-Net
We will now complete the fields on this screen. Under Connection: we need to fill out Name:. You may wish to add a Remark: as a comment or note to yourself regarding who this user is. Please make sure Enabled: is checked.
Under Authentication: we want to Generate a certificate: so we will need to enter the User's full name or system hostname: and enter a password in the PKCS12 File Password fields. The Valid till (days) field controls the expiration date of the certificate. If your organization doesn't have to comply with any specific regulations regarding certificate replacement, then entering a value of 999 gives this user a little under three years until expiration.
Connection Status Control Add Host to Net User Details
For this tutorial, we will ignore the Advanced client options section. Additional details on the various configuration options available here can be found in the OpenVPN client config section of the IPFire Wiki.
When you have the necessary fields filled out, press the Save button.
NOTE: Keep track of the PKCS12 File Password assigned here as the client will need it to connect.
The Connection Status and -Control section of Services->OpenVPN should now show the newly-added user.
Connection Status Control New User

Download and Install the OpenVPN Client Software

The OpenVPN client can be downloaded from
You will want to choose the appropriate installer for the OS you are installing on. For Windows 10 64-bit, you would select the "Installer (64-bit) Windows Vista and Later". At the time of writing, the file you would end up downloading is called openvpn-install-2.3.8-1601-x86_64.exe. Be aware that this filename will change as new versions of the OpenVPN client software are released.
Once you have the installer file downloaded, go ahead and start the installation. The installation process on Windows 10 is quite typical with one exception. During the install you will be prompted to approve the installation of the 'device software' "TAP-Windows Provider V9 Network adapters"
TAP Network Adapter Prompt
Click the Install button to approve the installation and continue.
After a few minutes, you should see a screen indicating that the installation has completed successfully.
OpenVPN client install completed successfully
At this point, I would suggest that you do NOT launch the software, but instead take a look through the README file. For version 2.3.8, the following important information is contained in the INSTALL-win32.txt file:
Finally, install the new version of OpenVPN and copy over
your configuration files and certificates, which now go to

    C:\Program Files\OpenVPN\config

provided you did not install the 32-bit version on 64-bit


Note that on Windows Vista, you will need to run the OpenVPN
GUI with administrator privileges, so that it can add routes
to the routing table that are pulled from the OpenVPN server.
You can do this by right-clicking on the OpenVPN GUI
desktop icon, and selecting "Run as administrator".
We will follow that advice and copy the configuration files to our local system and put them in the appropriate directory.

Client Configuration

The config files are available in a zip archive which can be downloaded from the ipfire web interface.
OpenVPN download client package
Use the Download Client Package (zip) action icon to save a copy of the config files to your local system.
OpenVPN download client package save
Once the file is downloaded, extract the contents to a temporary location and we will proceed to copy the files to the correct location. For this tutorial there are three files in the zip archive:
Here is a screenshot of the default config directory C:\Program Files\OpenVPN\config on Windows 10 (64-bit):
OpenVPN default config directory
We need to provide administrator permissions in order to copy the files into the config directory successfully.
OpenVPN config directory needs administrator permissions
Once the files have been copied in, you should have something similar to the following:
OpenVPN config directory
Finally we can connect to OpenVPN by launching the OpenVPN GUI with "Administrative Permissions". To do this, right-click the "OpenVPN GUI" shortcut or menu item, go to "More" and then "Run as administrator". Press the Yes button when the "User Account Control" warning pops up.
OpenVPN GUI launch as administrator
The OpenVPN GUI icon should appear in your task bar. Right-click it and you should see the options available, including one to Connect.
OpenVPN GUI connect
If the configuration files are NOT present, the menu is much shorter. So, if you happen to see something like this:
OpenVPN GUI connect no config
then double-check that you have copied the configuration files into the correct location.
When we Connect, we will be prompted for the PKCS12 File Password that we set earlier when adding the Host-to-Net user. Enter it now, and some information will scroll by as the connection is established.
OpenVPN GUI connecting
If successful, we will briefly see a notification in the lower right corner of the screen:
OpenVPN GUI connected
The OpenVPN GUI taskbar icon has changed to a green color indicating a successful active connection. If you want to see the status of your connection, you can right-click the taskbar icon and select Show Status from the menu.
OpenVPN GUI connected show status
Everything looks good, so we can proceed to test the connection. How you do this will somewhat depend on what other resources you have configured on your data center network. At the very least though, we should now be able to ping the GREEN network interface of the IPFire server from our local machine that is now connected via OpenVPN.

Pinging with 32 bytes of data: 
Reply from bytes=32 time=43ms TTL=64
Reply from bytes=32 time=44ms TTL=64
Reply from bytes=32 time=43ms TTL=64
Reply from bytes=32 time=44ms TTL=64

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 43ms, Maximum = 44ms, Average = 43ms
We should also be able to access the IPFire web interface over the GREEN network ( via the VPN instead of having to access it over the RED network.


If you are having difficulty connecting to resources on the private network over the OpenVPN connection there are a few things you can check.
The OpenVPN client needs elevated permissions in order to modify the Windows system routing table. If your traffic is not being routed properly, make sure that you launched the OpenVPN client/GUI with Administrator permissions. Generally this is done by right-clicking the icon for the program and choosing "Run as administrator".
Make sure the appropriate route has been added so that you can access the private network from your OpenVPN client. If you are running the OpenVPN client on Windows, you can use netstat -nr to take a look at the system routing table.
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
     10     20         On-link    276         On-link    276     21
The last entry in the table above shows that traffic destined for the network will be routed through to the IPFire server running OpenVPN. This will allow us to access any servers using an IP address in the ip range, including the management interface of IPFire itself. For the tutorial, we have IPFire listening on
The route(s) the server automatically pushes to the client when connecting are controlled by an individual CCD (Client Configuration Directive) file on the server. These files are stored in /var/ipfire/ovpn/ccd/ with a filename that matches the user we added. For purposes of this tutorial, the full path to the file is /var/ipfire/ovpn/ccd/jdoe. If we take a look at that file, we can see that a route for our private network is properly configured to be pushed to the connecting OpenVPN client.
[root@ipfire ccd]# more jdoe
# OpenVPN clientconfig from ccd extension by Copymaster#

#This client uses the dynamic pool

#Client gets routes to these networks (behind IPFire)
push "route"
You may find that a different route is set here if you have changed the ip network the GREEN/Private interface is using since initially configuring OpenVPN or adding the user.


You are welcome to post questions or comments related to this tutorial and we will endeavor to provide assistance.