Keinian ideals – thoughts on the Singaporean Chinese wedding

Helping out at XQ’s wedding last week was a great eye-opener, as it was my first time being a ‘brother’ at a wedding.

I have since concluded that:

  • The games which prelude the fetching of the bride are in essence a ritualised form of degradation for the groom and his mates. Basically, everything done on that morning serves as an affirmation that yes the groom will go through hell to get to the bride, and that includes doing everything and anything. Which of course, gives the ladies a great opportunity to concoct senseless mini-games for the guys. I’d like to see a reverse situation where the ladies are put through similar antics. Equality of the sexes for once? Or better, games where the bride and groom are made to go through gruelling stuff together. After all, isn’t marriage about bonding in the first place?
  • Being a ‘brother’ = you are going to be one busy fellow, and probably wouldn’t get to enjoy much of the wedding dinner. (Then again, the happy couple get to eat even less.) Of course, you’re helping a buddy in need and sharing his joy at a lifechanging moment.

If anything, this experience has strengthened my belief that I should do my utmost not get married (if ever) in SG. A great deal of hassle, not being able to enjoy myself at all, and placing a great deal of inconvenience and unneeded suffering on my buddies even. If I ever need to bond with them, we’ll go out and get drunk or something; there’s got to be an easier way to forge relationships.

All in all, the purpose = public display?

Thanks, but I’ll pass.

Tech: 10 tips for FreeRADIUS server configuration

I had the pleasure (read: gruelling chore) of setting a RADIUS server up from scratch a few weeks ago. All in all it was an educational experience, to say the least. To anyone else who’s interested, here’s a rough troubleshooting guide incase you get screwed and start screaming “WTF WHY IS IT NOT WORKING!!!”

Scope of installation: to setup an authentication server in a LAN environment NAT-ed to a public internet address, that authenticates against user info in database and logs session data to database as well.

*I am assuming a basic knowledge of bash, and that you know how to edit files with vi or any other editor in the command line interface.

Packages used:

  • FreeRADIUS 1.1.3
  • MySQL 5.0.32-Debian_7etch8-log
  • Linux version 2.6.18-6-686 (Debian 2.6.18.dfsg.1-23)

Optional packages if you want to install dialupadmin:

  • Apache
  • PHP

Important note above everything else: read FreeRADIUS Wiki on SQL integration. Twice. Even thrice!

1. Network: make sure NAT is done if the server is using a private IP address (read: RFC 1918)

Default ports to be NAT-ed:

  • TCP 1812 and 1813
  • UDP 1812 and 1813
  • 1812 is for authentication, and 1813 for accounting. That’s if you did not customise the ports in the default config.

If you don’t know how NAT should be done, Google is your best friend.

2. Restart it: service should be restarted whenever you make changes!

To stop:
/etc/init.d/freeradius stop

To start:
/etc/init.d/freeradius start

RHEL (and similar distros) should use this to restart the service (via FreeRADIUS wiki):
service radiusd stop
service radiusd start

3. Protocols needed: configure /etc/freeradius/radiusd.conf as needed for types of authentication protocol e.g. CHAP, PAP, MS-CHAP.

4. Logging: check for error messages under /var/log/freeradius/radius.log

5. Debugging: debug mode is very useful:

To turn it on:
freeradius -X

*note: you have to kill to end the process, there is no stop command.

6. Dictionary check: add the relevant dictionary for your desired NAS in /usr/share/freeradius/

7. Dictionary include: include the file dictionary inside /etc/freeradius/dictionary

This is a sample entry for dictionary abc:

$INCLUDE /usr/share/freeradius/

8. Client check: ensure your NAS clients are listed inside /etc/freeradius/clients.conf with a valid IP address and shared secret. NAS = Network Access Server, which is the client that’s handling the authentication. So yes, your NAS must be similarly configured.

9. Process check: Check that FreeRADIUS is running correctly.

List of processes check for freeradius:
ps -ef

If it’s not running, you’d better find out why.

Check listening ports make sure the required UDP and TCP ports are active:
netstat -tunelp

Make sure it’s listening on the right interface(s)!

10. Database check: Check that the username and and password (and related usergroup) have been inserted into the usergroup and radcheck tables.

That’s all there is to it, I wasn’t really in the mood for writing an epic saga of my woes encountered alongside the entire process. Hopefully this has been of help to you guys, so if you liked my article, please share it! Thanks as always.

Recent goings-on in the life of Kein #2

No new posts, because I have been busy settling up things at home, preparing for housemoving. I hate (repeat that: HATE) paperwork.

I’ll be heading back to SG on Monday, so hooray sweatyland, here I come! (edit: reads SAFRA swimming pool, here I come!) A merry Christmas to everyone, mine’s gonna be a sweltering one.

Tech: Directing screen output to file with MS-DOS batching

How do you capture an error message from an MS-DOS prompt to a file?

One easy way would be to copy and paste it manually.

  • Right-click, select Mark and highlight the text.
  • Right-click again to copy.
  • Right-click to paste in the DOS prompt window, or Control-V to paste in other screens.

What if we wanted to use a batch file (.bat) to capture the output of several different commands at one go?

Use this:

cd K: >test.txt 2>&1

This example attempts to change directory to K: (which doesn’t exist), so the resulting error message is written to test.txt instead.

Thanks to YH for asking the question on Facebook, and I hope this tip helps some other lost soul out there.