## Thursday, June 22, 2017

### Compiling Latex with scons with tikz externalization and pre-compiled preamble (which includes tikz)

Compilation of LaTeX projects that contain tikz images can be sped up by an astronomical amount by properly separating the static and dynamic preamble and issuing the right commands.

A minimum-working-example that I wrote that demonstrates this in great detail can be found at: https://github.com/abid-mujtaba/mwe-scons-tikz-preamble

### Ubuntu - Connecting to a PPTP VPN server using the terminal

Situation:

I was away from Islamabad and needed to download some scientific papers. This required me to connect to my University's VPN which was of the PPTP variety. I tried using the Network Manager applet in Ubuntu 14.04 which would successfully connect but the moment I would open a page on Chrome the VPN connection would fail.

Solution:

Connect to the VPN from the terminal using instructions that were written for Ubuntu 7.04 (https://wiki.ubuntu.com/VPN) and were supposed to have become outdated 7 years ago. But what is in the command line can never die.

Based on help from https://superuser.com/a/459906/306711 and http://www.wikihow.com/Add-or-Change-the-Default-Gateway-in-Linux with a little tweaking I was able to successfully connect to the VPN in a stable fashion.

Details:
1. Install pptp package: sudo apt-get install pptp-linux

2. Create a peers file. I named mine 'comsats' so I created: /etc/ppp/peers/comsats with the following content
    pty "pptp <vpn server ip address> --nolaunchpppd"
debug
nodetach
logfd 2
noproxyarp
ipparam comsats
remotename comsats
require-mppe-128
nobsdcomp
nodeflate
lock
noauth
refuse-eap
refuse-chap

This file needs to be executable (sudo chmod +x /etc/ppp/peers/comsats). Note the 'remotename' and the 'ipparam' which are set to 'comsats'. These will be used to activate the connection and to run automated scripts when the connection is setup and torn down.

3. Add your VPN credentials to /etc/ppp/chap-secrets in the following format:
    * <vpn username> * <vpn password>
At this point you can check your vpn connection by executing:
    sudo pon comsats
For debugging the connection look at /var/log/syslog. At this stage your internet will NOT be forwarded over the vpn because the routes haven't been set up for it.

To close the connection Ctrl+C is supposed to work but it didn't for me so I had to use ps -A | grep ppp to find the pid of the connection process and then sudo kill -KILL <pid> to kill it.

4. To forward your internet packets over the VPN you must first find the ip addresses of the gateways for your internet interface (wlan0 in my case) and the vpn interface (ppp0). Simply use ipconfig. In my case my wifi gateway was 192.168.0.1 and the vpn gateway was 192.168.3.1. To take a look at the current routes issue the route command, it will show you the current default gateway.
The first step is the delete the current default gateway:
    sudo route delete gw 192.168.0.1 wlan0
Note the use of my wlan0 gateway ip address (192.168.0.1).
Now switch to using the ppp0 gateway as the default so that all outgoing internet traffic is sent via the vpn:
    sudo route add gw 192.168.3.1 ppp0
You can confirm the switch to using the VPN by looking at your external IP address (I simply navigate to https://www.icanhazip.com and a whois to confirm).

5. After closing the vpn connection you will have to revert the changes to the routes to get your normal internet access back (the Network Manager applet does all of this automatically, when it works) as follows:
    sudo route delete gw 192.168.3.1 ppp0
sudo add gw 192.168.0.1 wlan0

6. To automate the route changes one can add files to the /etc/ppp/ip-up.d and /etc/ppp/ip-down.d folders that are automatically run when the connection is setup and torn down respectively.
Create and populate /etc/ppp/ip-up.d/comsats:
    #!/bin/sh

[ "$PPP_IPPARAM" = "comsats" ] || exit 0 route delete default gw 192.168.0.1 wlan0 route add default gw 192.168.3.1 ppp0  Note how we use the$PPP_IPPARAM to match against the same we defined in /etc/ppp/peers/comsats to make the code run only when this connection is set up.
Similarly create and populate /etc/ppp/ip-down.d/comsats:
    #!/bin/sh

[ "$PPP_IPPARAM" = "comsats" ] || exit 0 route delete default gw 192.168.3.1 ppp0 route add default gw 192.168.0.1 wlan0  Finally comment out nodetach in /etc/ppp/peers/comsats to run the connection as a deamon and use sudo poff comsats to close the connection when you need to. This connection is not as stable as I would like it (usable however) so I use tail -F /var/log/syslog | ccze -A to keep an eye on the connection while I am using it, restarting it as needed. ## Wednesday, June 21, 2017 ### Highlighted (syntax) code snippets in Blogger My blogs being technical in nature often contain snippets of code. The old technique I was using for correctly highlighting them no longer works because the library I was using has gone the way of the dinosaurs. Thankfully, however, there is a much better (and slightly easier) way to achieve this using the highlight.js library (https://highlightjs.org/). Procedure: 1. In your main Blogger page, from the pane on the left (which contains 'Posts', 'Stats', etc.) click on 'Theme'. 2. In the frame that reloads on the right first choose 'Backup / Restore' and then 'Download theme' to save a backup of the unmodified theme before we mess with it. 3. Press 'Close' to close the dialog/pop-up window and choose 'Edit HTML'. 4. Before the </head> tag paste the following lines:  <link href='//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.8.0/styles/agate.min.css' rel='stylesheet'/> <script src='//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.8.0/highlight.min.js'/> <script>hljs.initHighlightingOnLoad();</script>  5. Choose 'Save Theme' Note: I chose to use the 'agate' theme (CSS), there are many others. You can take a look at the available options at https://highlightjs.org/static/demo/. To choose another one simply replace "agate" in the link with the theme you like. Similarly, 'highlight.min.js' only supports a core of 35 common languages. To highlight other languages add additional scripts you can find at https://cdnjs.com/libraries/highlight.js/ Example: Now to place a code snippet in your blog simply switch to "HTML" editing (instead of "Compose") and place the snippet inside a <pre><code> </code></pre> block or simply inside <code> </code> if quoting code inline. You can specify the language inside the "class" element of the "code" block (visit the highlight.js website for more details). To create the following highlighted python snippet:  def factorial(n): if n == 0: return 1 else: return n * factorial(n - 1)  I used the following code in HTML mode:  <pre><code class="python"> def factorial(n): if n == 0: return 1 else: return n * factorial(n - 1) </code></pre>  Simple and elegant. Enjoy. Note: To place HTML itself inside a highlighted snippet (very meta indeed, I needed it for the last section of code) you will have to escape all of the HTML. I used https://www.freeformatter.com/html-escape.html. ## Tuesday, June 20, 2017 ### Linux - Switch display from terminal (virtual and emulated) using xrandr Situation: I had my laptop (running Ubuntu) connected to my TV via an HDMI cable with the display set to TV only. I then unplugged the HDMI cable without switching the display to Internal (using the "Displays" system settings). The display is supposed to switch automatically but on my machine this sometimes fails to happen leaving me with a running X session which I can't see. However by pressing Ctrl+Alt+F2 (through F6) I am able to switch to a virtual terminal which shows up on the internal screen just fine. Solution: Use xrandr to switch the display. But this requires two little tricks because xrandr is an X command and it normally fails on virtual terminals. sleep 5 && xrandr -d :0 --output LVDS1 --auto and quickly switch to the terminal running X (Ctrl+Alt+F7 on Ubuntu) before the sleep timer runs out. Explanation: By sleeping for 5 seconds we allow ourselves time to switch to the virtual terminal running X so that when the xrandr command is issued the X Server is awake to receive it. Since we are running xrandr from the virtual terminal we have to explicitly specify which display to target. The default display is ":0" meaning the first (zero-indexed) display on the local machine (for remote machine its IP address would precede the ':'). Finally --output LVDS1 --auto tells xrandr to switch to the internal display with default settings. ## Tuesday, July 5, 2016 ### Ubuntu - Create a wifi hotspot (access point accessible by Android devices) whose traffic is forwarded through a SOCKS proxy The objective is to take my ubuntu laptop connected to the internet via ethernet and create a wifi hotspot (access point) that will allow an android device to connect. The hotspot will provide internet access to all connected devices. The crucial feature is that all traffic from devices connected to the hotspot must pass through a SOCKS proxy. This means that all requests and connections from these devices seem to come from the external end of the SOCKS connection. Although the internet is full of advice on this there is very little that works. Surprisingly the solution is actually quite simple. The first step is to create the hotspot. On ubuntu the network-manager takes care of this with a simple modification. The steps are detailed in http://ubuntuhandbook.org/index.php/2014/09/3-ways-create-wifi-hotspot-ubuntu/. Basically create a new infrastructure mode wifi network using the network-manager and then edit a single configuration file (in /etc/NetworkManager/system-connections/) to change the mode to ap. Once this network is enabled using the network-manager, your devices (including those running Android) will be able to connect the network and receive internet through the ethernet connection on your computer. Step two is to create a SOCKS tunnel using ssh -D. This can be achieved using a single command on the terminal or by adding an entry in ~/.ssh/config for example: Host <name> User <user> Hostname <host address> IdentityFile <full path to ssh key file> DynamicForward <port> ServerAliveInterval 60 With this configuration issuing the command ssh <name> will establish a connection the remote machine while the DynamicForward instruction will create a SOCKS5 tunnel such that any packets sent to port number <port> will be sent through the ssh tunnel. The packets will appear to come from the remote machine itself. The SOCKS tunnel can be tested using a browser on the computer (not the hotspot yet) by setting it to use a SOCKS proxy. Point the browser at www.icanhazip.com and/or www.whoismyisp.org to check that packets are being sent over the tunnel. The ssh socks port can interface with a browser (the latter being intelligent about it) but it won't handle raw ip traffic from the hotspot. We need a proxy that can take the traffic and send it via the ssh socks port. Enter redsocks a lightweight socks proxy. Unlike squid or polipo it is NOT a proxy server, that is, it cannot be used directly by a browser. redsocks connects to the socks port upstream and provides an incoming port where all incident traffic is sent out via the socks tunnel. Traffic is redirected to the redsocks incoming port using iptables. Once redsocks is installed (sudo apt-get install redsocks) modify /etc/redsocks.conf. Focus on the redsocks {} section. Change local_ip to 0.0.0.0 (don't know if this is strictly necessary). local_port specifies the incoming port. I chose 12345. Set port to the socks port set in the ssh config file and set type to socks5. Then restart redsocks (sudo service redsocks restart). With redsocks set up we are now at the final stage and ready to redirect traffic from the wifi hotspot to through the socks tunnel. To that end we need the ip address block assigned to the hotspot. Since my hotspot works on the wlan0 interface I simply ran ifconfig wlan0 (or ip addr) to discover the address block which turned out to be 10.42.0.1/24, that is, address 10.42.0.1 and netmask 255.255.255.0. When the network-manager creates the wifi hotspot (using the technique defined above) it creates a number of iptables rules to take care of the traffic forwarding. Since we need all traffic forwarded to the redsocks incoming port (12345) we simply delete all these rules and provided just one of our own.  sudo iptables -F sudo iptables -t nat -F sudo iptables -t nat -A PREROUTING -s 10.42.0.0/24 -p tcp -j REDIRECT --to-ports 12345  Basically we are instructing iptables to take all packets that come from the 10.42.0.0/24 subnet and redirect it to the incoming port of redsocks which sends it over the socks ssh tunnel. The final step is to enable ip packet forwarding in the kernel using  sudo sysctl -w net.ipv4.ip_forward=1  And we are set. On your hotspot connected device (Android phone for example) navigate to www.icanhazip.com and www.whoismyisp.org to confirm. ## Saturday, March 14, 2015 ### DIY mini-UPS for charging phones or running wifi router or Raspberry Pi Currently Pakistan is going through an energy crisis. Consequently I am faced with frequent hour long power outages. I have a largish UPS for running an assortment of electrical appliances but I am always vary of using it to power DC electronics. This is where this DIY mini-UPS comes in handy. It runs off a 12V motorcycle battery and is charged using a standard 12V DC power adapter. It is capable of powering either a standard wireless router (that requires 12V DC), a Raspberry Pi or charging a phone. The switching from line voltage to battery voltage is fast enough that the wireless router doesn't stutter and the Raspberry Pi keeps running without a hitch. I followed the instructions from this excellent tutorial which also gives a wonderful explanation for how the circuit works. I did make a few modifications of my own, simplifying the circuit to fit my needs. In particular I connected the DC output directly to the input because the voltage drop across both the 1N4007 diode and the TIP 127 was unacceptable when running off of the battery. The modified circuit is: (the circuit diagram was drawn using circuitikz package in LaTeX. Here is the how-to) And here is the end-product, shifted to a perf-board after being tested on a bread-board: <insert image here> ## Friday, March 13, 2015 ### Drawing Circuit diagrams in LaTeX Those of you who are familiar with my interests would know that I am both an electronics hobbyist and a huge fan of LaTeX. Therefore I am thrilled with my recent discovery of the ability to draw publication quality circuit diagrams in LaTeX, using the circuitikz package. Take a look at the sample below: The LaTeX code used to generate this diagram can be found at circuit-ups on GitHub. A simple example of constructing a circuit diagram is  \begin{figure} \begin{circuitikz} \draw (0,0) to[V,v=$U_q$] (0,2) % The voltage source to[short] (2,2) to[R=$R_1\$] (2,0) % The resistor
to[short] (0,0);

\end{circuitikz}

\caption{My first circuit.}

\end{figure}

and it creates the following circuit diagram:

Image Source: tutorial

All that is required are the circuitikz and siunitx packages which can be easily downloaded using tlmgr (the Tex-Live manager). On Ubuntu this can be done by running:
    tlmgr install circuitikz
tlmgr install siunitx


I learned about using circuitikz from the following this tutorial which also contains a link to the circuitikz manual which came in handy.

All of the components in the circuit diagram on top are provided by the circuitikz package with the exception of the 7805 IC which I created by using primitive pgf directives I learned from this second tutorial. This was surprisingly easier than it sounds. And the output is very elegant.

(Note: The LaTeX commands generate pdf which I converted to a png using imagemagick before inserting it in to this blog)