Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Automatically enable and disable a router's DMZ Internet
If you connect to the internet through a router, you may occasionally want to expose your computer directly to the internet for things like BitTorrent, serving up web pages, or logging into your computer from work. Most consumer-grade routers have a "DMZ" feature that allows one internal user to be exposed to the internet. If you have a Linksys router, the following code will automatically enable the DMZ feature for your IP address:
  1. Open Terminal and type pico activatedmz to open a new document for editing.

  2. Paste in the following two lines of code. This code assumes the Linksys default IP address 192.168.1.1 and default password admin -- hopefully you've changed that! So make any changes if necessary. Remove the line wraps shown in each line, replacing them with a space to make two long lines of code:
    Line #1: lastdigit=`ifconfig | grep netmask | grep -v 127.0.0.1 
             | awk {'print $2'} | sed 's/192.168.1.//'`
    Line #2: curl http://192.168.1.1/apply.cgi
             -d "submit_button=DMZ&change_action=&action=Apply
             &dmz_enable=1&dmz_ipaddr=$lastdigit"
             -u admin:admin -s > /dev/null
    
  3. Hit Ctrl-X, then Y to save the document and close pico.

  4. Type chmod u+x activatedmz to make the script executable.

  5. Type ./activatedmz to run the script and expose your computer to the internet.
To automatically disable DMZ and again protect your computer from the internet, create another file called deactivatedmz and paste in the following single line of code -- again, remove the line breaks and replace them with a space:
Line #1: curl http://192.168.1.1/apply.cgi
         -d "submit_button=DMZ&change_action=&action=Apply&dmz_enable=0&dmz_ipaddr=0"
         -u admin:admin -s > /dev/null
Again, type chmod u+x deactivatedmz to make it executable, then type ./deactivatedmz to run it. I found it helpful to use Platypus to turn these UNIX scripts into GUI apps. I now have an "Activate DMZ" and a "Deactivate DMZ" icon in my Dock -- easy as a light switch. If you want to know how this works, or do this with a different brand of router, keep reading for a behind-the-scenes look.
read more (263 words)   Post a comment  •  Comments (20)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[24,097 views] Email Article To a Friend View Printable Version
A fix for '.Mac legacy client exited abnormally' error Internet
Tiger only hintThis is a very strange problem, and I do not know how my system got into this state. I have used .Mac for over a year, but at some point after I updated to 10.4, .Mac stopped working. Whenever I opened the .Mac preferences panel, I received an error message stating that the .Mac legacy client exited abnormally. I could not synch my computer with .Mac, but I could use iDisk. I checked console.log for error messages and saw this:
2005-09-21 21:19:39.527 dotMacTranslator[393] SyncServices precondition 
  failure in [ISyncConcreteManager registerSchemaWithBundlePath:]: 
  No Schema.plist found in bundle at /System/Library/PrivateFrameworks/
  CALCore.framework/Resources/iCal.syncschema
  
2005-09-21 21:19:39.543 dotMacPrefTool[218] [DotMacSessionProxy 
  registerDotMacSyncClient:] failed with error: NSError ".Mac legacy client 
  exited abnormally." Domain=DotMacProxyErrorDomain Code=-99 UserInfo={
  
2005-09-21 21:19:39.547 dotMacPrefTool[218] Caught .Mac Translator has not 
  been registered with Syncservices locally! when getting new session proxy.
Notice the No Schema.plist found... line. I checked the contents of that directory and compared it to my other Mac, which was working properly with .Mac. I found that all of the localization folders were missing. You must use the Terminal to navigate to and open that directory. Luckily, since I have two computers, I just copied the CALCore.framework folder from the working computer to the other and tried again. This time .Mac worked. Chances are that reinstalling iCal would work, too, but I didn't know where to find that installer.

I hope this helps some other frustrated user.
  Post a comment  •  Comments (0)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[9,761 views] Email Article To a Friend View Printable Version
10.4: A fix for connectivity issues with Apple's servers Internet
Tiger only hintMy Mac and other computers all have RFC 1918 (private internets, i.e. 10.0.0.x, etc.) static IP addresses and sit behind an OpenBSD 3.7 box running the pf firewall. pf performs stateful packet-filtering and network address translation (NAT). The OpenBSD firewall gets a statically assigned public IP address from a DHCP pool on its external interface.

I had never had any problems using Software Update, until I installed Tiger on my G5. A day after installation, Software Update stopped working -- it would just hang and then time-out. I searched Apple's forums and noticed many other people experiencing a similar problem. Messages on the forums suggested that some people had luck when they switched their Macs to DHCP. The quickest way I could get a DHCP address for my Mac was to connect it directly to the Internet, outside of my OpenBSD firewall. When I did this, Software Update worked. But whenever the Mac was behind the OpenBSD firewall with a static IP address, Software Update didn't work. I assumed this was an OS bug, especially since Software Update used to work, nothing had changed in my firewall configuration, and tcpdump did show traffic between my Mac and swscan.apple.com when it tried to do a Software Update. 10.4.1 and 10.4.2 came out, and I still could not run Software Update (unless my Mac was connected directly to the Internet via DHCP).

To add to my troubles, I also had issues with connecting to the iTunes Music Store. I had no problems connecting in the past ... until iTunes 5 came out. The day I installed iTunes 5, any connections to the Music Store would hang and then time out. Again, I assumed this was some new, frustrating bug -- this time in iTunes.

Then I remembered some posts I had come across last year discussing an apparent RFC 1323 (TCP Extensions for High Performance) implementation problem specific to apple.com. So I modified my OpenBSD pf.conf firewall ruleset, and changed my scrub rules to:
scrub on $ExtIF from any to swscan.apple.com random-id
scrub on $ExtIF from swscan.apple.com to any random-id
scrub on $ExtIF random-id reassemble tcp
After doing this, both Software Update and iTunes Music Store worked!

I mention this not because I think the macosxhints audience uses OpenBSD firewalls, but if anyone else is having similar connectivity issues with swscan.apple.com and phobos.apple.com, it's possible their firewalls are objecting to Apple's servers' inconsistent use of RFC1323 TCP timestamps. (Although I still also suspect there was a bug in 10.4.0 interfering with Software Update).
  Post a comment  •  Comments (4)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[14,094 views] Email Article To a Friend View Printable Version
Use Google Secure Access on a Mac Internet
On September 20, 2005 Google released Google Secure Access, a Windows application that allows users to connect to Google's VPN (Virtual Private Network) to make WiFi connections more secure. While Google did not release a client for Mac OS X, it quickly became apparent that Google's VPN client used PPTP (Point to Point Tunneling Protocol), which is natively supported by Mac OS X.

Getting it to work on OS X was the logical step to explore.

[robg adds: I haven't tested this one...]
  Post a comment  •  Comments (9)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[14,433 views] Email Article To a Friend View Printable Version
Use Streamload for big backups Internet
Seeing this hint on how to make a tarball on the fly while FTP'ing a backup of your home directory to a remote host reminded me of a complimentary hint that I've been using for a little while to provide a nice automated backup solution. It involves cron, tar, ftp, and a free account at streamload.com.

Streamload is a service with an interesting business model: They allow you to upload and store as much stuff as you want, no limit, for free, but charge you for download bandwidth when you want the stuff back. Upload is via web interface or FTP (in beta). Perfect, really, for a backup solution: Get a free account, upload your directory, and if you ever need it, you'll probably be more than willing to pay to get it back.

So the hint, simply, is to get a Streamload account, sign up for the FTP beta trial, and write a .command file based on the script in the previously-mentioned hint. Then set cron to execute the command file, say, every few days, or every week. The servers are always up, and the storage, as long as you don't need anything back, is free.

If you do this, conscience dictates signing on to Streamload once in a while to get rid of old backups. It's good of them to offer this sort of service; let's not clog their servers with terabytes of data.
  Post a comment  •  Comments (12)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[14,270 views] Email Article To a Friend View Printable Version
Fix a trashed chat buddy list Internet
Recently, for no apparent reason, my chat buddy list was knocked down from 110 users to 34. Afraid that I had lost all of those people, I tried to think of a solution. I knew that I had created contacts in Address Book that had included AIM screen names when I knew them. So using a Smart Folder, I isolated the contacts in Address Book by using the rule "IM status" "Is set."

But this was the tricky part. Dragging and dropping these contacts onto iChat or Adium didn't work. The only app that seems to be able to update your buddy list (that is, communicate with the AOL servers where the buddies are stored) is AOL's own AIM client. And guess which app doesn't seem to support drag and drop?

I tried to use some earlier hints, including one to use AppleScript to automate repopulating my buddy list on AIM, but it didn't seem to work. I tried going into AIM, adding a few buddies manually, and exporting the buddy list file (.blt) to understand the syntax so I could add my own buddies by editing the .blt file itself. However, AOL's AIM just kept crashing when I tried to load in the edited file.
read more (179 words)   Post a comment  •  Comments (1)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[9,596 views] Email Article To a Friend View Printable Version
New podcast URL types allow one-click subscriptions Internet
With iTunes 4.9 and its Podcast feature, Apple also introduced two new URL types: itpc:// and pcast://. So you can subscribe, with one click, to a podcast RSS feed formatted with one of those two URL types.

I also tried this on Windows XP (under Virtual PC), but it seems not to work there.
  Post a comment  •  Comments (12)  
  • Currently 3.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (2 votes cast)
 
[15,926 views] Email Article To a Friend View Printable Version
10.4: View hidden link destinations Internet
Tiger only hintWhile looking at websites for trojan removers for Windows, I came across several pages (such as this one) that do not allow you to see the destination of a given link on the page. You can't control-click at all, and if you do a View Source, you won't see the source to the complete page.

The way around this is to hit Command-A to select everything on the page, then copy/paste it to TextEdit (in RTF mode). Then you can control-click on a link and choose Edit Link, which will allow you to see where you would be redirercted. This process comes from my untrusting nature with being redirected to fake sites from within a hijacked page. I tried this on Panther and it does not work, so it must be just in Tiger.
  Post a comment  •  Comments (11)  
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[12,634 views] Email Article To a Friend View Printable Version
A simple method for securing email Internet
I plan on spending more time with my PowerBook in cafes and other offices over the summer to beat the heat. One thing always worried me, though. As you know, normal email clients send your email account name and password in "plain text," so if there is some bad guy next to you at the cafe, then he can scoop it up using a sniffer app.

Well, the best solution is to use SSL or POPS or other secure forms of email communication so that your account name and password will be encrypted. The problem is that my ISP (verizon.net) does not have secure email. I've had this email for years, so it's not possible for me to drop it and start over with something like gmail, which does support SSL, so I looked around for another solution. What I came up with is simple and perhaps obvious, but it works great.

Most of the suggestions I found say to use a SSH tunnel or some such, which you still need a server for. Forget that. Way too complicated for me. Here's my little trick, assuming you have at least one SSL-enabled email account somewhere (which is not your main account).

My Verizon account lets me forward all my email to another address. I am a .mac subscriber (which DOES SSL email) so i forward my verizon email (which is an insecure account) to my .mac account (which is secure). I then "de-enabled" my Verizon account in Apple Mail, and now do all my mail off of .Mac using the Apple Mail client. Secure. and yet another reason to keep my .Mac account.
  Post a comment  •  Comments (28)  
  • Currently 3.25 / 5
  You rated: 5 / 5 (4 votes cast)
 
[13,147 views] Email Article To a Friend View Printable Version
A possible fix for slow SSH and Safari domain issues Internet
For the most part, this hint applies to Tiger only, but there may be aspects of it surrounding ssh and connections in general that are good for pre-Tiger as well.

First, lets start with the slow SSH logins. As you may be aware, the Apple Discussion Forums has been getting a little noise about this problem, where ssh'ing into remote machines takes an unusually long amount of time. Between that and other sites, there are several posts where people have this problem, along with varying solutions

I have seen this issue pop up on the openSSH mailing list, and google groups as well, so it is getting more and more attention. Of all the workarounds, none worked for me at all, I was averaging 45 second connection times to servers over ssh. The only constant was Tiger. Linux and pre Tiger had no such problems. If you read the links, you will find varying solutions from editing configuration files to creating local entries in /etc/hosts. Again, none worked for me.
read more (564 words)   Post a comment  •  Comments (11)  
  • Currently 2.50 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (2 votes cast)
 
[27,091 views] Email Article To a Friend View Printable Version