Technical description.

Here is some code for getting the hostname value from your linux network configuration, assuming you have setup /etc/sysconfig/network properly.


//get hostname info from /etc/sysconfig/network
preg_match('/HOSTNAME=(.*)/', file_get_contents('/etc/sysconfig/network'), $network);
$hostname = split("\=", $network[0]);
echo $hostname[1]; //this equals the value of your HOSTNAME


For our API developers, we wanted to use a common, universal format, one that would be easily compatible with our application and database layers. For that we selected ISO 8601, which is great in terms of widespread use, but not so great in terms of how complicated its specifications are.

Generally, ISO 8601 looks something like ‘2009-05-20′ for dates and ‘2009-05-20 12:30:30′ for date/time combinations. These two examples encompass 98% of the user input we’re likely to encounter. But we wanted to make sure that if we told developers they could use ISO 8601 dates, our system would support it.Unfortunately, there’s not a lot of code out there for the validation of ISO 8601 dates (especially regular expressions), and most of the stuff that is out there doesn’t encompass the entirety of the ISO 8601 spec.

Starting off, here are some dates that the validator should match (all these are valid ISO 8601 dates to the best of my knowledge):

2009-12T12:34
2009
2009-05-19
2009-05-19
20090519
2009123
2009-05
2009-123
2009-222
2009-001
2009-W01-1
2009-W51-1
2009-W511
2009-W33
2009W511
2009-05-19
2009-05-19 00:00
2009-05-19 14
2009-05-19 14:31
2009-05-19 14:39:22
2009-05-19T14:39Z
2009-W21-2
2009-W21-2T01:22
2009-139
2009-05-19 14:39:22-06:00
2009-05-19 14:39:22+0600
2009-05-19 14:39:22-01
20090621T0545Z
2007-04-06T00:00
2007-04-05T24:00

And here are some of the strings that the validator should not match (ie. reject):

200905
2009367
2009-
2007-04-05T24:50
2009-000
2009-M511
2009M511
2009-05-19T14a39r
2009-05-19T14:3924
2009-0519
2009-05-1914:39
2009-05-19 14:
2009-05-19r14:39
2009-05-19 14a39a22
200912-01
2009-05-19 14:39:22+06a00

The code we came up with was the following:

^([\+-]?\d{4}(?!\d{2}\b))((-?)((0[1-9]|1[0-2])(\3([12]\d|0[1-9]|3[01]))?|W([0-4]\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\d|[12]\d{2}|3([0-5]\d|6[1-6])))([T\s](([01]\d|2[0-3])((:?)[0-5]\d)?|24\:?00)?(\16([0-5]\d))?([zZ]|([\+-])([01]\d|2[0-3]):?([0-5]\d)?)?)?)?$

I guess I should add the caveat that this code doesn’t support the time interval or duration part of the ISO 8601 spec, so I didn’t include it. And it only supports dates or date/times, since right now we don’t have to deal with time input (for the Intervals API, all time is input in decimal format, rather than ISO 8601). But it should support everything else. Please let me know if this works for you or doesn’t, of if you can fine tune it.

• Background
• Configuring the Sonicwall Router
• Installing Openswan
• Configuring Openswan
• Starting and stopping the VPN connection
• References

Background

Pelago is a web design and development agency in Santa Barbara, California. Since our humble beginnings in August of 2000, we’ve seen the Internet landscape evolve exponentially in the last nine years. Our most current challenge as a creative and engineering agency is in embracing diversity in platforms and the inevitable shift towards the remote office. We use three different operating systems — Windows, OS X and Linux — on a daily basis. In addition to developing web-based project management software that is compatible with all three platforms, our designers and developers rely on them inside and outside of the office. Tunneling through the firewall from outside the office was our next requirement for embracing a diverse and distributed remote office.

Our SonicWall router makes it easy enough to establish a VPN connection using Windows. There is a client that can be downloaded from the SonicWall web site. What about other operating systems? Our developers often use Ubuntu Linux from home and required a way to VPN into the office. Once established, a VPN connection allows access to development servers, remote desktops, and other network resources inside the firewall; so you can see why it would be essential for the remote office.

The problem, as most Linux users out there already know, is that setting up a VPN connection in Ubuntu Linux is not very easy. After much trial and error, here is how we got the VPN working on Ubuntu Linux using Openswan.

Configuring the SonicWall Router

Login to your SonicWall router admin and make the following adjustments to the VPN settings.

1. Click on the VPN link and note the Unique Firewall Identifier for your SonicWall router. You will need it later for the value sonicwall.unique.identifier.
   
2. Under VPN Policies, create or edit the ‘GroupVPN’ policy.
3. Click on the General tab and set the following:
   
   • IPSec Keying Mode: IKE using Preshared Secret
   • Shared Secret: shared.secret.key (enter your secret key here)
4. Click on the Proposals tab and set the following:
   
   • IKE (Phase 1) Proposal
     DH Group: Group 5
     Encryption: 3DES
     Authentication: SHA1
   • Ipsec (Phase 2) Proposal
     Protocol: ESP
     Encryption: 3DES
     Authentication: SHA1
   • Enable Perfect Forward Secrecy (checked)
     DH Group: Group 5

Installing Openswan

If you are using Ubuntu, open a terminal window and type in:
sudo apt-get install openswan
The install will ask you a few questions about how you want to set it up. Select the suggested default for each step. This will install Openswan and create the ipsec.conf and ipsec.secrets configuration files.

Configuring Openswan

Add the following connection parameters to your /etc/ipsec.conf file:
conn sonicwall
     type=tunnel
     left=%defaultroute
     leftid=@home
     leftxauthclient=yes
     right=xxx.xxx.xxx.xxx #IP address of your sonicwall router
     rightsubnet=192.168.1.0/24 #gateway IP for your LAN. This will work for most
     rightxauthserver=yes
     rightid=@sonicwall.unique.identifier
     keyingtries=0
     pfs=yes
     aggrmode=yes
     auto=add
     auth=esp
     esp=3DES-SHA1
     ike=3DES-SHA1
     authby=secret
     xauth=yes


Add the following line to your /etc/ipsec.secrets file
@home @sonicwall.unique.identifer : PSK "shared.secret.key"

Starting and stopping the VPN connection

Starting ipsec and opening the VPN connection
sudo ipsec setup ––start
sudo ipsec auto ––add sonicwall (note: if you change the configuration files, you’ll need to run ’sudo ipsec auto ––replace sonicwall’ to reload the file)
sudo ipsec whack ––name sonicwall ––initiate

Closing the VPN connection and stopping ipsec
sudo ipsec whack ––name sonicwall ––terminate
sudo ipsec setup ––stop


References

The following links were useful for getting the VPN connection up and running on Ubuntu Linux:
Openswan wiki page for SonicWall routers:
http://wiki.openswan.org/index.php/Openswan/SonicWall
SonicWall PDF instructions for using Agressive Mode and IKE with Pre-shared Keys
http://www.sonicwall.com/downloads/SonicOS_Enhanced_to_Openswan_Using_Aggressive_Mode_IKE_with_PreShared_key.pdf

Here is the view from our office.

http://www.popcuts.com/ - “Every time a song you bought sells, you get a cut of the proceeds.”

http://bountii.com/ - “Find a lower price on any of the products below and we’ll pay you the Bountii.”

IP address geolocation SQL database

Why CSS should not be used for layout
http://www.flownet.com/ron/css-rant.html

Why CSS Should Be Used for Layout
http://www.newmediacampaigns.com/page/why-css-should-be-used-for-layout

Don’t Blame CSS For Your Incompetence
http://www.jemjabella.co.uk/blog/dont-blame-css-for-your-incompetence

The last article sums it all up in my opinion.

• Google maps mashup showing evacuation zones
• Westmont College web site
• Westmont blog with pictures and updates
• Photos of the fire from the Westmont Campus
• SB County Evacuation Updates
• PDF Map of Evacuation Areas
• Updates from Daily Kos
• Streaming Video from KCAL
• Local Coverage from the Independent
• Photos from the LA Times
• Fire Photos at Flickr
• Edhat Updates
• Crisiswire