Port Forwarding in Windows

I always enjoy finding something new that meets a need. As you might guess from the title, I found myself recently needing to forward a port on a Windows server. The scenario is that I had a server I need to allow access to from an network that hadn’t been originally planned to do so. I could have just opened a firewall port, but I prefer to set up a more secured method.

For web connections this can be done using a reverse proxy pretty easily and Windows 2012 server even includes a wizard to make this easier to set up. In this case I needed to forward an arbitrary port to the same port on another server.

It turns out this functionality is built into Windows and has been since at least 2008 and the command to do so is pretty simple.

netsh interface portproxy add v4tov4 listenport=80 listenaddress 10.0.0.1 connectport=8088 connectaddress=192.168.1.75

This binds port 80 on address 10.0.0.1 on the local server and forwards any traffic received on this port to port 8088 at address 192.168.1.75. The response is also returned back through the proxy to the source server. It works quite nicely in early testing and fills a need I’ve always had trouble finding a good, reliable solution for on Windows. There are only a few limitations I’ve found so far. From my reading it seems to require IPv6 to be installed to work even if you’re not doing an IPv6 connection. It also cannot bind the localhost addresses which limits use in development scenarios. Documentation on the command is at http://technet.microsoft.com/en-us/library/cc731068%28v=ws.10%29.aspx.

As implied by the v4tov4 portion of the command, you can use this to set up proxies between IPv4 and IPv6 servers. That should come in handy when migration to the new IP version comes over the next few years.

Article Published on Tuts+ Code

My article on Securely Handling User’s Login Credentials is up on Tuts+ Code.

For most websites, you have different areas within it (home page, user profile, admin page, etc.), some of which will be public and others will need to be restricted to only certain users. You often want to uniquely identify users so you can provide customized content or to capture specific information from a user. Many sites also need to protect part of the site, such as an administrative area to maintain and update the content of the site. In a CMS site, some users may be able to create content, but others must approve that content before it is shown to the public.

Read the Rest.

Better Weigh in the App Store

So earlier this year I decided to write an app for the iPhone. In my case I wanted to loose a little weight before working to add on some muscle for a planned summer trip. I’d not been particularly happy with anything I found to track my weight before, so I decided to write my own. Thus was born Better Weigh.

 better-weigh-screenshot

The app focuses on helping you track your weight and spot trends such as subtle weight gain before weeks of dieting is required to lose unwanted weight. It works if you’re looking to lose weight, gain weight, or just maintain your weight

Just normal changes from diet, exercise, and other activities can cause your weight to vary by several pounds per day. These daily swings make the real changes over time of your weight hard to track. Better Weigh smoothes out these variations showing you how your weight is really changing and helping you reach your goal.

You can enter your weight manually or sync with FitBit. More syncing options are planned. You can find it on the App Store or see more info at http://betterweigh.me.

Cisco ASDM gives “Missing required Permissions manifest attribute in main jar” Error

Java pushed out a new update recently that implemented a change that had been warned about for a while. by default it now no longer allows running apps that are unsigned, self-signed, or without permission attributes.

This includes Cisco ASDM manager. The quick fix (other than Cisco adding the missing permission attributes file) is to add the web address where ASDM is accessed as an exception. You can do do this in Java Settings control panel. This is reached under Window by the Java option under Control Panel.

There select the Security tab and click the Edit Site List… button next to the Exception Site List. Here add the URL to the firewalls that you access with ASDM. After doing this, ASDM will connect and work again normally.

Interestingly enough given Java’s sudden concern about my security, it still asks to install the Ask Toolbar every update….

More info on the change at http://www.java.com/en/download/help/java_blocked.xml

Goodbye AppStorm

Saw today that AppStorm is shutting down. I hate to see that. I admittedly am biased as  I wrote for the Mac and Windows sides of the sites  through late last year. I always felt the site had good reviews and found a number of useful tools and apps through the last few years. More worrying is another quality site goes down as losing money while the “Ten Surprising Ways Your PC Can Hurt Your Cat” sites keep going.

Encoding CSR on Exchange 2010

Mostly writing this for my own benefit as I have to do this a couple times a year and always have to look it up. By default if you request a new or renewed certificate signing request on Exchange 2010, it comes out as a binary file that almost no certificate authority accepts. They want a base 64 encoded file instead.

It’s easy to convert the binary file to base 64 though using the certutil utility using the encode option.

certutil -encode C:\renewal.req C:\renewal.csr

This command encodes the binary file renewal.req into a base 64 encoded file renewal.csr that will work with any certificate authority.

Fixing a Lightroom Catalog

The biggest risk of any type of database file is corruption. Sometimes you can fix it, but too often the only way to recover from a corrupted file is to restore a backup from before the problem showed up and rebuild or recreate anything lost. For full database servers there are ways to minimize these problems, but for personal catalogs not so much. Major corruption let’s you know, often with a corrupt file message when starting the program. When the corruption is subtle you may not know it until it’s too late to easily recover.

I do a lot of photography and organize my work using Adobe Lightroom. At heart the Lightroom catalog is a specialized database storing information about the photos and the data you’ve attached to them. I found myself seeing an odd error whenever I would take an image into Photoshop for editing, the edited photo would not show in Lightroom as it should. After searching the Internet and talking with Adobe support, I confirmed the catalog was the problem.

I now faced =the prospect of either creating a new catalog, importing my photos, and then rebuilding lost data or rolling back to a several month old backup and redoing every import and edit since then. The later might not have been a bad option except I’d done quite a few of both the previous few weeks. EIther way I’d have to hope I didn’t miss anything. Neither felt like a particularly good option.

I began to look for ways to possibly pull the data I couldn’t normally save, such as pick/reject flags, from one catalog to another. I knew there was an SDK to create plugins and tools to work with Lightroom and I began to think of something to export everything I cared about into something like an XML or CSV file and then import it again.

I had no luck finding an existing app or plugin to do this, but during my search I learned that the catalog file in fact is a database. It’s a fairly common database format known as SQLite. This led me to the hope that I could extract the data I wanted using database queries. All those years writing web apps looked to be about to pay off in getting my data from the corrupted catalog.

I found two articles on the web at http://gerhardstrasse.wordpress.com/2010/08/19/recover-from-a-corrupt-adobe-lightroom-catalog-file/ and http://www.simplyness.com/more-photography-tips/recover-corrupted-unrepairable-lightroom-3-catalog-with-sqlite.html. Neither of these articles worked perfectly for me, but did get me in the right direction.

Without diving too deep into the technical details, SQL databases are a fairly common database structure and SQL is the language used natively to create and manipulate those databases. The process described involved converting the database into a text file that contains a series of SQL commands that could then be used to create the database.

First I downloaded the command line tool to deal with SQLite databases from https://www.sqlite.org/download.html.  I downloaded and unzipped the shell binary for Mac OS resulting in a program that could be run from the command line to manage a SQLite database. I move the sqlite3 binary to my home folder along with a copy of my catalog file leaving the original safely put away in case this didn’t work. I then used the following to dump out the contents of the database into a text file containing the SQL commands needed to create that database:

echo .dump | ./sqlite3 ~/Lightroom-3-Catalog.lrcat > ~/Lightroom-catalog.sql

The vertical bar (|) breaks this command into two parts. The first part takes the characters .dump and sends it as the input to the second part. The effect is the same as typing those commands after the second part of the line runs. The rest of the command executes the sqlite3 binary I downloaded giving it my catalog file as the database (and yes I’ve been using this catalog since Lightroom 3). The .dump command tells SQLite to display the text commands it would take to create the database. At the end the greater than sign then tells my computer to send that text to a file named Lightroom-catalog.sql instead of displaying them on the screen.

So I now had a huge text file instead of a unreadable catalog file. Some articles I read noted common errors seen in the SQL commands, but my scan of the data found nothing out of order. So now that I had a text file I wanted to create a new database using this command:

cat Lightroom-catalog.sql | ./sqlite3 ~/Lightroom-Catalog-Repaired.lrcat

This command is again split into two parts. The cat command takes the contents of the Lightroom-catalog.sql file we just created and normally sends them to the screen. As before though the vertical bar instead sends them as input to the command that follows the pipe. This command creates a new database with the name. In effect the entire contents of the 600+ MB text file is automatically typed in.

I moved the new catalog file back to my Lightroom folder and opened it. Behold everything was there and all looked good. Only problem I ran into was that when I next imported photos into Lightroom it saw the parent of the folder holding these new files as different than the original folder in spite of being the same. It made no sense to me, but was easily fixed by clicking on each subfolder and using the locate folder to get everything synced up.

It’s been a bit over a month now and all is still working well. Hope that helps anyone else running into this problem.

Managing Time Machine Backups to Windows Server Continued

Back in June I posted my experience getting Time Machine backups to work with a Windows Server as my main storage. It worked well, but had three problems. First I’d often get an error as it tried to connect to my server when I was away from my home network. I also had to manually mount the drive before the backups would run. Third, I sometimes found issues if I put the computer to sleep in the middle of a backup and woke it up off the home network.

To fix these issues I came up with a few scripts to address those. This first pair are designed to run when I come to my home network and consists of an Apple Script and a shell script.

I’d started these over a year ago, but never perfected them and lived with the limitations. I’d worked on them off an on, but didn’t complete them until I had to recreate my backup system around the time of that last post. The code for starting and stopping Time Machine came from http://apple.stackexchange.com/questions/11177/quicksilver-accessible-script-for-disabling-and-enabling-time-machine and the other code came from places now lost.

First the Apple Script to start Time Machine backups:

   1:  tell application "System Preferences" to activate
   2:  tell application "System Events"
   3:      tell process "System Preferences"
   4:              click menu item "Time Machine" of menu "View" of menu bar 1
   5:              tell button "ON" of window 1 to click
   6:      end tell
   7:  end tell
   8:  tell application "System Preferences" to quit
   9:   
  10:  tell Application "Finder"
  11:  Mount volume "cifs://<SERVER>/<SHARE>"
  12:  end tell

Lines 1 – 8 simply start Time Machine by in effect going into preferences and turning it on. Lines 10 – 12 then use mount the server share containing the disk image.

Next I need to mount the disk image. This is trickier than it might seem in my case as I had encrypted the image. I didn’t want to have to type the password each time since I’d already saved it in my Keychain. So I combined a script to pull the password for the disk image named MacBook-Backup.sparsebundle. This would need to change to the name of your disk image if running the script. I then pipe the output of that command to the mount command to mount the disk image. This in effects types in the password read from the Keychain to the prompt when I mount the drive. The path (here /Volumes/TimeMachine/MacBook-Backup.sparsebundle) would need to be changed if you use this script.

security find-generic-password -w -D "disk image password" -l "MacBook-Backup.sparsebundle" | hdiutil attach /Volumes/TimeMachine/MacBook-Backup.sparsebundle

Finally a script to turn off Time Machine.

   1:  tell application "System Preferences" to activate
   2:  tell application "System Events"
   3:      tell process "System Preferences"
   4:              click menu item "Time Machine" of menu "View" of menu bar 1
   5:              tell button "OFF" of window 1 to click
   6:      end tell
   7:  end tell
   8:  tell application "System Preferences" to quit

There are several ways to use these. I initially ran them manually when needed. For automation the best method I found was to use Keyboard Maestro’s ability to run scripts when a wireless network was either connected to or disconnected from. I ran the first two scripts when I connected to my home wireless network and the last when I disconnected from it. I used that process for about a week and a half and found it worked very well.

Since then though I’ve moved from the Windows Home Server to a new Synology NAS. This new NAS supports native Time Machine backups using AFS so I no longer need the disk image process I detailed here. It worked for me well over a year with only one problem and the scripts worked for about a month so I’d feel comfortable going back to them if the need arises.

Running 3.1 Miles (Or My First 5K)

I used to have a motto that it was pointless to run unless being chased. Thankfully I’ve rarely found myself in a position where I needed to run for safety and therefore rarely ran unless caught in the rain.

I’ve already noted the weight and exercise changes I’ve made over the last couple of years, but running is a pretty new experience. I spent most of the spring training for a backpacking trip planned for June out west. That meant lots of long hikes in hilly terrain worried about distance and not time. I did several hikes of as much as ten miles, but rarely worried about a pace greater than a steady walk.

The backpacking trip didn’t quite go as planned and now will take place in early November. Shortly before that fell apart though I had decided I needed something to work toward once I came back. I was looking at coming back in mid June with the main goal I’d held for my spring gone.

Why I decided to try running I do not know, but somehow it felt like a change of pace. Shorter distances in faster time which sort of flipped what I’d been doing. I figured given the condition I was in I could train about six weeks and have a decent result so I looked for something around the end of July and found it in the Bele Chere 5K in Asheville, NC.

Then shortly afterward June happened. The trip fell apart on me at the last minute. And shortly after I got back from it my father had an accident at work breaking his hip. Several weeks of hospital and rehab for him followed and my training time was the victim. I trained, but not as many days as I’d hoped. I got what I could in, but my goal went to simply finishing. I felt I could walk ten miles without a break still, I worried about being the last person to finish just over three.

Bele Chere was a festival held in downtown Asheville at the end of July that everyone in the city seems to either love or hate. No, the locals I know mostly either hated or ignored it. I use the past tense as it appears this year’s was the last one. I heard more love than most years this time perhaps for that reason. Interestingly I’ve been in the city the last three years during the festival, but this was my only time actually going to it.

I get downtown early. It’s early morning in Asheville and I’m walking around Pack Square park warming up mostly by just walking. My test 5K shortly before the race had been run when I was really tired and a bit under the weather, but my time had been terrible. My goal as I walk around the park next to the start and finish areas is to finish at a pace of twelve minutes per mile or a bit over 37 minutes for the race.

It’s been a cloudy morning and drizzly. The night before had scattered some rain around the city. The calls are for us to start to gather around the start/finish line. I settl toward the back of the middle of the pack figuring it’s about the right spot for me on my pace. Shortly after getting there a noticeable flash occurs in the sky. A lot of cameras have been in use, but this ain’t that. The thunder a bit later confirms this. I take a moment to enjoy the irony that coming over the speakers is AC/DC’s Thunderstruck before wondering how they handle thunderstorms.

Lightning flashes a couple more times in the ten minutes or so before the start. Only the last is close enough to be concerning, but it’s not repeated. What does follow though is a downpour of rain a couple of minutes before the 7:30 A.M. start time.

There are almost 1,200 people there at the race start. I work through the largely empty streets of downtown. I’d had the luck and foresight to wear a cap, but even before I cross the start line it, along with my pants and shirt, are soaked to the skin. It’s a cool morning for July, but the movement means I never feel chilled.

The rain last probably the first five minutes of the race. Water runs down the street and there are puddles everywhere the asphalt dips even slightly. My socks get soaked along the way and I’ve no idea if the splash that did it came from me or another running hitting a puddle.

At the same time the race feels like it takes forever, and seems over in minutes. I cross the finish line 37:03 after the starting gun putting me 941 out of 1,177 people listed on the results site this evening. My official time from start line to finish lines of 36:32 matches my own tracking pretty closely for a pace of 11:56 per mile.

I’m not happy with the time, but already see how to improve. More training of course would have helped, I had to walk an uphill section around the two mile mark that likely cost me at least a minute off my time and I lost probably another minute dealing with my shoe laces. I’d not tired them well and had to stop and retie both along the way.

So the question then is will I do it again? Probably so. I’m looking to train better now that life has gotten a bit less crazy and would like to hit something around thirty minutes for a time. When I don’t know, but I’ll probably start looking at area races toward end of August or into September. Be interesting to see what progress I can make in between.

My Simple, But Not Easy Weight Loss Plan

When you lose over 100 pounds of weight people notice. Especially over the last few months as I’ve moved to pretty close to a normal, healthy weight. Up until a couple months ago when asked I pretty much gave the rather boring answer of “I ate less and exercised more.” That’s really true, but misses a lot of the details. Everyone know that you have to eat less and exercise more to lose weight, but most people, including myself many times, fail to do it.

So what did I do differently this time? A few months ago I wrote a bit about the process, but now let me describe a bit of the daily things I did that worked for me. These I think are the things that I did to lose weight and feel that I’ll keep it off going forward. I’m a lot of things, but not a doctor, trainer, or nutritionist or any other professional at this so take this advice as just what worked for me. I’m not trying to sell you anything, but some of the links to products below might be affiliate links, but they’re the things I’ve used myself.

Exercise feels lousy when you first start, but eventually you do start to actually enjoy it and feel better afterward. Even now though when I’d consider myself in the best shape of my life, I still often feel that nagging laziness when it comes time to work out. At some point just telling yourself to do it and doing so really is everything. I’d developed an enjoyment of hiking early in my weight loss process, partly tying into an interest in outdoor photography, and did a lot of that over the last couple of years. Late last fall I started training for my backpacking trip this summer that didn’t quite work out as planned and will now take place in the fall, but the process meant three to six mile hike much of the winter and spring. Together these meant I spent much more time outdoors and active. After getting past the initial “I hate exercise” adjustment I did also found it burned off stress nicely. I’ve had a few rather stressful periods in the last year and I found that going for a hike or getting onto the elliptical during the dreary weather days when getting outside didn’t seem a great plan worked wonders for my stress and at the same time helped me lose weight and feel better. Gradually exercise stopped always feeling like a chore or work. So I found a way to make exercise, while not always enjoyable, at least not something to dread. I always enjoyed getting outdoors for a hike, but when not I was at least able to remember that while the first few minutes on an elliptical were rough, I’d feel better at the end.

And that’s the first element, just deciding to do it and sticking to it. It’s not easy to make time, but in the end I valued it enough to do so. You don’t get more time, just allocate what you have differently. I found that audio books and podcasts worked well for me while exercising giving my mind something to focus on when on the elliptical other than somewhat dull routine. A nice pair of headphones for some of the less wild and more boring trails in the area also let me take those same things with me on hikes.

The second element really comes down to awareness. I started paying attention to how much I ate and what I ate. I paid attention to how much activity I did and what type of activity I did. When I decided to make a good final push last fall and get beyond the slow weight loss I’d seen to that point, I started tracking things. Doing this can be a nuisance, and it’s easy to get bogged down to a level where you want to give up in frustration.

I began tracking everything I ate and it’s nutritional value. For packaged foods this is simply on the label. Many larger or chain restaurants provide nutritional info on their web sites. And sometimes you just have to guess based on that you had a salad with Italian dressing and grilled fish. Doing this made me think a bit more about what I ate before I ate. It’s one thing to overindulge on cookies, but another to then look at what you ate and see the effect they had on your diet. Seeing I’d had a hamburger at lunch made me a little more likely to pick something healthier at dinner. So I became more aware of what I ate. Reading the nutritional info for restaurants was very eye opening. I was especially surprised how often the healthier looking or sounding option at a restaurant wasn’t any less caloric or more nutritious than the hamburger.

There are web sites that can do this or simply paper and pen, but I mostly used apps on my iPhone to track my food. I started with using Lose It! on my iPhone, but ended up using the app from Fitbit since it tied into the activity tracker I’ll mention in a moment. I still use Lose It! for the ability to build custom recipes for meals that I create when cooking at home and it ties into Fitbit so anything I enter in Lose It! shows in Fitbit.

For tracking my activity I started with a now discontinued Fitbit. It worked pretty well, but after a couple months I sold it on eBay and bought the newer Fitbit One Wireless Activity Plus Sleep Tracker. I loved this thing so much that when I lost mine on my trip to Arizona in early June I ordered a replacement the same day. The small size is nice in that it’s pretty discreet while being worn, but it is easily lost, especially as the case become more lose over time. I lost mine while clipped to my belt as I worked to get myself and too much luggage from the rental car center to the airport in Phoenix before returning home. I now wear it clipped in a pocket most of the time so if it does fall out it’s not lost, something I wish I’d started a bit sooner. This device tracks steps taken and floors climbed during the day. I can also monitor how well I sleep. It’s not perfect, but does give a decent determination of how many calories I burn and how active I am during the day. I found that knowing how many steps I took helped me realize what led to me being less active (see winter weekends) and adapt for them.

In December I also added in a heart rate monitor for exercise. The Fitbit does well with walking based activities such as walking, running, and hiking, but doesn’t work as well with stationary activities like weight lifting, the elliptical, and cycling. For those I found the heart rate monitor gave me a more accurate number. I ended up using a Wahoo Fitness Blue HR Heart Rate Strap for iPod/iPhone that connects to my phone using Bluetooth. I’ve tried a number of apps, but settled on the Digifit iCardio to use while indoors on the elliptical or any other inside workout. I found it less useful for outdoor exercise as the GPS seems unreliable. For tracking outdoors I use RunKeeper which tracks and maps my hikes. I also like MotionX GPS, but find it more useful for hiking than as exercise tracking. I’ve mostly use RunKeeper for anything outdoors.

None of these are perfect. That’s not a problem. I really don’t worry about getting every calorie to the exact amount or exercise to the exact calorie matters. The key is that these tools made me more aware of what I did and that seemed to be enough for me. There were days I went for a walk in the evening just to get a few more steps onto the counter before bed. There were many days I’d have a salad for lunch so I could feel better about the hamburger I’d be eating for dinner at a cookout. I tracked as close as I could and tried to keep a steady deficit between what I ate and what I burned.