Wi-Fi Analyzer on iPhone/iPad

Android has a beautiful app to help you scan & analyze the Wi-Fi signals floating around you. But there are no 3rd party apps for iOS. This is a huge limitation.

Why? Why is this a limitation? Why is analyzing Wi-Fi signals important?

Well, the least of many reasons is to find a less crowded channel for your wireless router.

Fortunately, in iOS, there is an official method to find out the most crowded Wi-Fi channel. Official? Oh, yeah, because the app is created by ‘Apple.’ 🙂

Here are the steps to use the official method.



  • Go to iOS settings and find Airport utility.
  • Turn Wi-Fi scanner on. (As shown below)



  • Open Airport utility app.
  • Tap on “Wi-Fi Scan” (As shown below)



  • And in the next screen tap on “Scan“. (As shown below)



  • Wait 10 sec.
  • Now you can see all the networks with their channels and levels. (As shown below)
  • Remember the channels of top 3 networks. Those channels are not for you. 🙂
  • Now you can stop scanning (at the top-right of the screen).
  • Tap on a “I” button at the bottom-right of the screen.




  • You should be able to see the most busy Wi-Fi channels.
  • With this, you know which channels are crowded & which channels are free (or less crowded). Don’t forget about #8, which represents the top 3 networks and their channels.



Now you know the best channels for your beta router. Voila! 🙂

Setting up an Ubuntu Router

I wanted to experiment with sniffing data on the network. Of course, my own network. This was not a creepy sniffing of my neighbours’ network. I was keen in converting my Ubuntu VM into a router VM. Then I can redirect all traffic from ‘client’ VM via the ‘router’ VM on which the sniffer is running. So, my requirements are simple, I need a VM with dual network adapter, one of which will be for the WAN side and other will be on the LAN side (exactly like a home router). What is required to convert a VM into router is a different topic and it will not be covered in this blog post.

Configure the Dual Network Adapter

The most important part of this is to understand that only one of the adapter is visible to your DHCP server and other is not. Why is this important? Because, only one of the adapter will get an IP from the DHCP and other will have to manually set. This DHCP-enabled adapter will be the WAN side adapter and the manual IP adapter will be the LAN side adapter. So, how do you configure dual interfaces on Ubuntu?

In Ubuntu, the networking system is configured via the ‘/etc/network/interfaces‘ file. Originally, there would have been only one interface as shown below:

$> ifconfig 
 eth0 Link encap:Ethernet HWaddr 08:00:27:d9:7a:ca 
 inet addr: Bcast: Mask:
 inet6 addr: fe80::a00:27ff:fed9:7aca/64 Scope:Link
 RX packets:600 errors:0 dropped:0 overruns:0 frame:0
 TX packets:852 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:273084 (273.0 KB) TX bytes:141395 (141.3 KB)

lo Link encap:Local Loopback 
 inet addr: Mask:
 inet6 addr: ::1/128 Scope:Host
 RX packets:479 errors:0 dropped:0 overruns:0 frame:0
 TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:0 
 RX bytes:147404 (147.4 KB) TX bytes:147404 (147.4 KB)

Now, let us configure the networking system to understand the 2nd interface, which we shall name as ‘eth1.’

So edit ‘/etc/network/interfaces‘ as show below:

# The loopback network interface
 auto lo
 iface lo inet loopback

# The primary network interface
 auto eth0
 iface eth0 inet dhcp

 auto eth1
 iface eth1 inet static

What this means is that:

  • eth0 is DHCP-enabled and gets the IP from the DHCP server.
  • eth1 has static IP of

Restart the network (via ‘sudo /etc/init.d/networking restart’):

Restart of network

Now, both the interfaces are up as shown below:

$> ifconfig 
 eth0 Link encap:Ethernet HWaddr 08:00:27:d9:7a:ca 
 inet addr: Bcast: Mask:
 inet6 addr: fe80::a00:27ff:fed9:7aca/64 Scope:Link
 RX packets:600 errors:0 dropped:0 overruns:0 frame:0
 TX packets:852 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:273084 (273.0 KB) TX bytes:141395 (141.3 KB)

eth1 Link encap:Ethernet HWaddr 08:00:27:85:3a:24 
 inet addr: Bcast: Mask:
 inet6 addr: fe80::a00:27ff:fe85:3a24/64 Scope:Link
 RX packets:3043 errors:0 dropped:0 overruns:0 frame:0
 TX packets:34454004 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:372333 (372.3 KB) TX bytes:3193181649 (3.1 GB)

lo Link encap:Local Loopback 
 inet addr: Mask:
 inet6 addr: ::1/128 Scope:Host
 RX packets:479 errors:0 dropped:0 overruns:0 frame:0
 TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:0 
 RX bytes:147404 (147.4 KB) TX bytes:147404 (147.4 KB)

Now we have 2 interfaces:

  1. ‘eth0’ (DHCP-enabled) pointing to the WAN side
  2. ‘eth1’ (static IP) pointing to the LAN side

Configure NAT routing

Use the following script, which I had borrowed from somewhere (forgot!) and slightly modified to my taste (available on github):


#--------------------------------- constants
fn_check_dependencies() {
	local __cmd=${1}
	local __path=$(which ${__cmd})

	if [ $? -ne 0 ]; then
		echo "****************** !! \${__cmd}\' IS NOT AVAILABLE !! ******************"
		exit 1

	echo ${__path}

#--------------------------------- constants
AWK=$(fn_check_dependencies awk)
ECHO=$(fn_check_dependencies echo)
DEPMOD=$(fn_check_dependencies depmod)
GREP=$(fn_check_dependencies grep)
IP=$(fn_check_dependencies ip)
IPTABLES=$(fn_check_dependencies iptables)
MODPROBE=$(fn_check_dependencies modprobe)
NETSTAT=$(fn_check_dependencies netstat)

#--------------------------------- functions
fn_get_wan_iface() {
	${ECHO} $(${IP} route show | ${GREP} default | ${AWK} '{print $5}')

fn_get_lan_iface() {
	local _wan_ip=$(fn_get_wan_iface)
	${ECHO} $(${NETSTAT} -i | ${GREP} -ve lo -ve Iface -ve Kernel -ve ${_wan_ip} | ${AWK} '{print $1}')

fn_load_mod() {
	local __mod_name=${1}
	${ECHO} " |->; ${__mod_name}"
	${MODPROBE} ${__mod_name}
	if [ $? -ne 0 ]; then
		${ECHO} "****************** !! FAILED TO LOAD ${__mod_name} !! ******************"
		exit 1

fn_load_modules() {
	${ECHO} " - Loading kernel modules: "
	${DEPMOD} -a
	fn_load_mod ip_tables
	fn_load_mod nf_conntrack
	fn_load_mod nf_conntrack_ftp
	fn_load_mod nf_conntrack_irc
	fn_load_mod iptable_nat
	fn_load_mod nf_nat_ftp

fn_enable_ipv4_forwarding() {
	${ECHO} " - Enabling forwarding.."
	${ECHO} "1" > /proc/sys/net/ipv4/ip_forward

fn_enable_ipv4_dynamic_addr() {
	${ECHO} " - Enabling DynamicAddr.."
	${ECHO} "1" > /proc/sys/net/ipv4/ip_dynaddr

fn_clear_previous_fw_rules() {
	${ECHO} " - Clearing existing firewall rules"
	${IPTABLES} -t filter -D FORWARD -i "$WANIF" -o "$LANIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 
	${IPTABLES} -t filter -D FORWARD -i "$LANIF" -o "$WANIF" -j ACCEPT
	${IPTABLES} -t filter -D FORWARD -j LOG

fn_create_fw_rules() {
	${ECHO} " - Enabling firewall rules"
	${IPTABLES} -t filter -A FORWARD -i "$WANIF" -o "$LANIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 
	${IPTABLES} -t filter -A FORWARD -i "$LANIF" -o "$WANIF" -j ACCEPT
	${IPTABLES} -t filter -A FORWARD -j LOG

#--------------------------------- Main
${ECHO} "======================= Enabling NAT ======================="


${ECHO} "WAN Interface: $WANIF"
${ECHO} "LAN Interface: $LANIF"

if [ -z ${WANIF} ]; then
	${ECHO} "****************** !! WAN interface not found !! ******************"
	exit 1

if [ -z ${LANIF} ]; then
	${ECHO} "****************** !! LAN interface not found !! ******************"
	exit 1

if [ ${WAN} = ${LANIF} ]; then
	${ECHO} "****************** !! Only one interface found !! ******************"
	exit 1

${ECHO} "Setting up network:"
${ECHO} "======================= Done ======================="

The above script does the following:

  1. Ensures the required kernel modules are loaded.
  2. Enable IP forwarding
  3. Enable masquerading on the WAN side interface
  4. All connections via LAN interface should be transferred to WAN interface
  5. Finally, all ‘established’ or ‘related’ connections via WAN should be transferred to LAN.

Done. Now when a device connects to this Ubuntu box via ‘eth1’ it connect to the internet. In other words, this ubuntu box serves as a router for other connected devices.

IoT? Whatsapp yo?!

How many of you have heard of the ‘yo’ app? Yo – It’s that simple. For the unknowns, it is an app with which we can send a ‘yo’ as a text & audio notification. Trust me! That is all! Just a ‘yo’ and nothing more!!! 🙂 The first time I heard about this app I laughed it off!! But when I gotta to know that it had raised $1.2M investment, I was like “WTF”!!!!!!!!

But then I thought investors aren’t fools. Why will they invest $1.2M without any potential possibilities? I thought like an investor and like a developer and guess what, I felt the ‘possible’ uses of an app like ‘yo’ are tremendous! Much more than it appears on the very first go.


The use-cases are extremely high in number when we consider IoTs. The major issue with IoT (at least, as of now) is how to sync up between the heterogeneous mix of IoT devices lying around! How can we automate some tasks? Imagine a situation where you have scores of IoT devices at home. Your fridge. Your bed. Your coffee machine. Your toothbrush. And now imagine automating between these IoTs!!! Like, say, coffee machine starts brewing while you are 50% into your brushing of your teeth! Smile Horrible time integrating your tooth brush with your coffee machine, yeah? Imagine the amount of customization or geeky automation required to suit everybody’s need!! This is where ‘yo’ comes in or at least, I think so.

How can this be done via ‘yo’, you ask?! Smile All your ‘IP-connected toothbrush’ need to do is to send a ‘yo’ to the coffee-machine at the appropriate time. Coffee machine, now, does not need anything more than just a notification for it to start brewing. It does not need any additional information more than a simple notification. ‘Yo’ app developers understood the power & the potential of simple notifications as against to full-fledged integration (like IFTTT, for instance!). The coffee-machine can be configured to start its (only?) task of brewing coffee to your taste whenever it receives a notification from toothbrush. Is it like a publisher-subscriber model? I think so! Or, at least, that is how I would utilize it.


Allow me to explain with another example. Suppose your vehicle is for service. Now for that notification to reach you, assuming there is an dealer app installed in your phone, your app need to poll sync-up with the cloud on a regular basis. yo2Or, the cloud needs to send a notification (say, apple notification) with as many information as possible to your app so that it can intimate you to send your vehicle for service. Now with your app being ‘yo’-aware as soon as it received a notification, with nothing more than a ‘yo’, it will intimate you that your vehicle is up for service! The only other data it requires is, from when the vehicle is up for service & that info can be figured out from the timestamp of the ‘yo’ notification! Smile Of course, there is the multiple vehicle scenario. I can think of a solution off-the-top-my-head but I shall leave that to you guys to figure out it!

Now start to think what all & what else we can achieve by a simple notifications! Plenty, I tell you. I started to expand my use cases & was surprised to see dozen’s rolling off my sleeves within 30 mins of thinking! The ones that I would prefer to have implemented in my house are:

  • Morning Coffee: Start brewing the coffee while I am midway through my brushing of my teeth. (I need this! I NEED this!)
  • Starbucks on the way to work: Customer left his home to work, car sends a ‘yo’ based on its GPS location to ‘Starbucks’ and they keep your breakfast hot & ready just in time for you!! (Wouldn’t we love it?!)
  • Arrived at a party/event: Now, if you organize a big-ass party inviting over 50+ people, or even an event, whenever your guests checkin you get a ‘yo’ and you can walk by to wherever they are to greet them. Wouldn’t this be awesome so that you don’t miss people at your own event? Trust me this is supremely important in Indian weddings. We always tend to forget to greet someone or other!!
  • Children back home from school: Children left school, so a ‘yo’ to your oven/toaster to get ready to prepare a snack, while you are at work. Children back home safely, a ‘yo’ from their phone to yours (while at work!). Children are not studying instead playing XBOX, send a ‘yo’ from your mobile to XBOX and they go right back to studies! Smile
  • Cleaning lady at home while you away: So a ‘yo’ to start the security camera.
  • Motion sensor: Though many might feel this is already there but my point is to integrate your motion-sensor with your existing security ecosystem! So, a ‘yo’ from motion-sensor to your security camera to turn it on! This will extremely useful with the raise of Airbnb kinda scene.
  • School attendance: Simple, yeah?! Smile

Amazing, isn’t it?! Smile


Of course, there is case of IFTTT! In essence, they are the cloud-based connector for all your apps, IoTs & everything. Well, I am still trying to figure out if ‘yo’ has any bandwidth advantage over IFTTT because of the limited data size. I am sure in some cases, IFTTT will be way better but ‘yo’ has so many daily use cases (that can also be achieved by IFTTT) for a quick integration.

Windows7 Applications I Need

I believe the applications/software I have installed in my Windows 7 ‘work’ laptop increases my productivity. I have just captured the same here for both cataloging for future purpose as well as sharing to the extended communities. There is no particular order to this. I prefer a certain style to my desktop and would strive to achieve that in all my windows powered machines. Also there are a certain tools/apps I would like to have always in my system:

Productivity Applications

  1. Evernote: Notes on the cloud is something I use extensively. All my personal notes & sometimes blog articles are scripted in this first.
    1. Other options. One Note – Yet to evaluate this option thoroughly but have been reading a lot of good reviews. I am planning to move my work related notes/articles into this. [Update: OneNote is awesome for work related notes because of the MS Office like formatting capability. Additionally it links awesome with the MS Outlook esp the Meeting details.]
  2. Jing: Required for quickly taking snapshot of the desktop. The left ‘Ctrl + J’ key works magic. It is quite quick & very useful esp to add markers to the snapshots.
  3. ScreenRecorder: Required for making a video recording of the actions on desktop. Useful when I have to create video demos.
  4. Windows Live Writer: I am an avid blogger! (Duh!!) So need a desktop WYSIWYG tool & so far WLW seems awesome.
  5. [Update] Browser Chooser 2: I prefer to use different browsers for work (off late, FF) and personal (Chrome). This becomes the default browser and every time you click a link you get an option to choose between the browsers, which has saved me so much time.

Cloud Applications

  1. Dropbox by Dropbox
  2. Google Drive by Google
  3. Box by Box
  4. One Drive by Microsoft
  5. Copy by Barracuda
  6. iCloud by Apple


  1. Oracle Virtual Box: Free! Easy & at least as good as VMWare Workstation. And, I can get my share folder working “easily” compared to VMWare Workstation.
    1. Other options. VMWare Workstation – I prefer the “free” Virtual box version. Perhaps later I shall write my experiences with VB compared to VMWorkstation.
  2. vim: My favorite go-to editor for code. I am more comfortable with vim than GUI editors. Personal preference!
    1. Other options. Emacs – If you are an Emacs guy. I used to be.
  3. PuTTY: Nothing beats this low-footprint SSH client. I love it from bottom of my heart.
  4. WinSCP: I would prefer if this is a tad fast but works perfectly for me. Another of the development tool I can’t be without.
  5. DiffMerge: A beauty when comes to code comparison. Addicted to this over all the other options.
    1. Other options. WinMerge – Yet to evaluate this.
  6. TortoiseSVN:  Was skeptical of using a SVN client on Windows for a long time until I tried this. TortoiseSVN is a master piece.
  7. GitHub:  For no computer geek is satisfied without an account of their pet projects in GitHub! Smile
  8. WireShark: Off late I am cross verifying my network a tad too much. Of course, my work area is on the same line adds to my woes.


  1. Alternate for IE: Google Chrome – Need I say more. (Added a few extensions I use regularly)
    1. Other options. Firefox – I played a bit with Firefox but FF has lost its mojo! It seem super bloated on the memory department!
  2. Alternate for Adobe PDF Reader: Foxit Reader – Better PDF reader or so I have heard. Just started using & already feels good!
  3. Alternate for Notepad: Notepad++ – Man! This app has improved so much over the years, I stopped using Notepad even for quick notes. Also now they have a nice feature of auto-save without saving into an actual file!! (Added a few plugins I use regularly)
  4. Alternate for DiskCleanup: CCleaner
  5. Alternate for Windows Media Player: VLC
  6. Alternate for Zip: 7-Zip
    1. Other options. WinRAR


  1. PIXResizer: Required to quickly resize pictures to a specific size; also multiple batch resizes
  2. Alternate for Windows Photo Viewer: IrfanView – A much better Photo viewer
  3. Alternate for Photo Gallery: Adobe Bridge


  1. LastPass: Password manager


  1. Launchy: For lack of better desktop search. I definitely miss google desktop. [Update: Boy! oh Boy! This is so bloated! Takes all my CPU! This is off my list.]
  2. Free Download Manager: The speed this app brings to my downloads is tremendous.
  3. Skype: Kinda mandatory these days! Smile

Desktop Customization

  1. Rainmeter: Awesome. Awesome. Awesome. I have the following skins & layouts to handle most of my scenarios Smile
    1. Avengers Skin
    2. Laptop Only layout
    3. 2 screen layout
  2. Taskbar Customization (http://www.howtogeek.com/172466/10-ways-you-can-customize-your-windows-taskbar/)
    1. Use small icons
    2. Hide all icons except ‘volume & network’ in the ‘notification area’
    3. Enable Autohide (because of Rainmeter desktop)
    4. How to change the windows explorer startup folder


Thus ends my current requirements on tools/apps to make my Windows PC ready for work! Smile


Appendix A1: Google Chrome Extensions

  1. FoxTab: For quick tabs on frequently browsed sites.
  2. LastPass
  3. OneTab: For storing all the tabs just before saving.
  4. Adblock Plus
  5. Klout: For social media ratings.
  6. VNC Viewer for Google Chrome: Found this better & sufficient than desktop versions.

Appendix A2: Notepad++ Plugins


  1. DSpellCheck
  2. Explorer
  3. Python Script
  4. TextFX Characters


  1. CCompletion
  2. Code alignment
  3. Compare
  4. Task List
  5. Tortoise SVN

Web Development

  1. HTML Tag
  2. JSLint
  3. JSON Viewer
  4. JSTool
  5. NppExport
  6. NppFTP
  7. Tidy2

Hope somebody out there benefits from a quick look into this post! Smile

We need a Tag based File system “yesterday”

You: Why a tag based file system?
Me: Because all current file systems are broken.
You: What the F are you talking about?
Me: I know you know more about file systems than I do but listen to me with a logical open mind & then conclude.

Current File systems are broken

To understand my reasoning, let us understand what a file system is. It is a system for files. To be precise, an organizational system around how files are stored on disk (yes, I am specifically speaking about disk-based file systems here). Well what is the point of storing if we cannot retrieve it. So, the description should have been “organizational system around how files are stored & retrieved.” In other words, retrieval should be in focus as much as storing is. So kinda 50-50 split.

But, if we actually thinking about it, we store so that we can retrieve later. If we don’t want to retrieve then we wouldn’t be storing in the first place. Then for all practical purposes, retrieval should be given higher weight in the split. In other words, file systems should be designed with retrieval in mind more than storage. But to me, all of the modern file systems focus on how to organize the layout to optimize storing. This is preciously where modern day file systems are broken. On a final note to elaborate my stance, I would like to point out that we store our work files under ‘Work’ folder and personal files under ‘Personal’ folder so that it is easier for us to retrieve. Hence, retrieval is far more important than storage. Q.E.D. 😉

How will tag-based file system help?

With tag-based file system, a file will be referenced by its tag(s) and not based on its storage path. In other words, the storage path for a file is unimportant, i.e., file can be stored anywhere!

For real world examples, do you realize that ‘gmail’ uses ‘tag’ approach as against to traditional ‘MS Outlook’ style of ‘folder’ approach to organize your email?! 🙂

Further examples. Suppose you have stored photos of your vacation to Italy in your hard-disk. Currently, in the ‘folder’ based approach it would be under “/home/bob/vacations/italy/pictures” & retrieved with a:

$> ls /home/bob/vacations/italy/pictures

But in a tag based approach, you would reference them with keywords:vacation, pictures, italy. So, if ‘ls’ command was ported to understand tags it would (perhaps) be:

$> ls vacations+italy+pictures

The above is a equivalence use-case, i.e., tag based file system can work do everything folder-based file system can. Now, let us look into the differences. To be precise, what advantages tag-based file systems bring to table that folder-based can’t?


An use-case: retrieve all pictures from our italy vacation that was not taken in rome!

$> ls vacations+italy+pictures-rome

In the folder-based filesystem, this is not easy if all the pictures are put in the same folder!! So, negation is the simplest & almost the 1st extension of tag-based file system.

Disordered order

An use-case: retrieve all pictures from our italy vacation

$> ls vacations+italy+pictures


$> ls italy+vacations+pictures


$> ls pictures+vacations+italy

… and so on! #self-explanatory! 🙂

Auto tagging

This is but an obvious next. Imagine the docs are tagged based on the context & content. We will not be needed to worry about properly naming the files or deciding as to where exactly should we place this document. For example, say there are 2 projects (device driver & file system) and their design document needs to be stored. Both file names could be ‘design.doc’ & with auto-tagging feature, additionally & automatically, new tags will be appended: device driver, linux, design, doc for the first and file system, design, doc for the next!

$> ls design+driver
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 design-1.3


$> ls design+filesystem
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 design_v10

No need for file extensions

With auto tagging capability the extensions are but tags! Truly! Who needs file extensions anymore? We can name the file ‘Resume’ and no need of ‘Resume.docx’ or ‘Resume.pdf’ The auto-tagging will automatically tag it as ‘pdf’ or ‘doc’ according to the true type of the file!

$> ls design+driver+pdf
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 device_driver_design-1.3

$> ls design+driver+txt
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 device_driver_design-1.3


Reduce the clutter of files you see while browsing. Just like emails! Archive old no more relevant files but it can be retrieved whenever we want!

$> ls projectA
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 common_components-1.3
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 Common_components_patch_steps

$> ls archived+projectA
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 common_components_detailed_design
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 Common_components_highlevel_design


This is an extension to the above. We could even connect our hard-disk & say ‘push all the archived data to the external hard-disk’ 🙂

Reduce time spent on file names

If more apps (like email clients) can support tags then the recipient will also have tags (+ auto tags). With auto-tags, imagine if we can tag the pictures being imported based on its GPS data?! Or all emails downloaded from MS Outlook as ‘work’ & all from gmail as ‘personal’! Then the tags provided by author (say your manager) will get appended with our auto-tags (say ‘work’), which means your search could be “manager+pdf+approval” & instead of “project_approval.pdf” In other plain words, don’t worry about naming conventions all files could be named ‘New Document,’ who cares! 🙂

$> ls projectA
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 file1
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 file2
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 file3
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 file4

$> ls projectA+pdf
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 file1
-rwxrwx--- 1 root vboxsf   244147 2014-09-22 14:37 file2

$> ls projectA+pdf+manager
-rwxrwx--- 1 root vboxsf 20365048 2014-09-22 14:37 file1


I, obviously, am not a file system expert. But within my capacity of a file system enthusiast I have put forth my points as to why we need a tag-based file system and what we can achieve with the same. The examples & suggestions of extensions are not exhaustive or even close to complete. But with these many advantages glaring the face, why isn’t that we haven’t moved into a tag-based filesystem yet?!!

What Next?

Allow me to be cocky in designing a tag-based filesystem. I shall give a link to the blog here ASAP. 🙂


How to: Create a local SVN on Ubuntu

Often times I get into a situation where I mess up with my development (of personal projects). Though I use github for personal projects yet sometimes it is convenient to have a local SVN for all silly works (like .vimrc, .bashrc, etc…). After a lot of procrastination, I decided to set a local svn repo for all my silly “not-to-be-published” work.

Points to note
  • First, understand that I am working on my personal box & so I got complete permission to violate 😉 the value of a sudoer account.
  • Second, I am kinda cli person. Except for the joys of multi-window vim sessions I don’t want an overhead of apache et al. So I did not invest time in configuring my apache for my svn.
  • Third, I am gonna access my SVN as a “file:///” & not as “http://” or “svn:///”

And, so here we go…

Install Subversion Package

Don’t expect an explanation here 😉

$> sudo apt-get install subversion subversion-tools

Repository directory

Create a directory to hold all your repositories. Since I own my box, to avoid confusion I created the repo directory as a peer to my user account. Another reason is this will ensure that my guest accounts (i.e., family et al) don’t get access to my SVN (by the virtue of they not being a sudoer).

$> sudo mkdir /home/svn

Create repo

Create a new, empty repository at the path provided. Suppose, I want a repository for all my silly test works (like a super silly shell script to dump the current ip), I shall call it ‘test.’ Then:

$> sudo svnadmin create /home/svn/test
$> ls -l /home/svn/
total 4
drwxr-xr-x 6 root root 4096 2014-09-18 18:32 test

This has created an empty repository under /home/svn/test.

Import data

Importing data implies that some data is available somewhere already. In my case, yes I do have my silly scripts to import and hence I change directory into where I have stored the scripts and import them as below:

$> cd ~/sillyscripts
$> sudo svn import . file:///home/svn/test/trunk -m "Initial import"

Now the entire sub-tree under sillyscripts have been imported into test.


Final point to remember is that the original location from where the data was imported (i.e., ~/sillyscripts) is _NOT_ under svn. We need to freshly checkout the repo.

$> cd ~/svnprojects/
$> svn co file:///home/svn/test
$> cd ~/svnprojects/test
$> svn info
Path: .
URL: file:///home/svn/test
Repository Root: file:///home/svn/test
Repository UUID: 4158fc24-64e9-4705-b124-8f2b88018be7
Revision: 1
Node Kind: directory
Schedule: normal
Last Changed Author: root
Last Changed Rev: 1
Last Changed Date: 2014-09-18 19:00:02 +0300 (Thu, 18 Sep 2014)

Voila! Now play with your data & have fun 🙂


IPTables: Personal Firewall to protect my laptop

Firewall! What a high sounding word! Means high protection & a safe cocoon for all the newbies. Thats exactly what I did setup in my laptop: A firewall! A personalized firewall.

My use cases & reasons were very simple. Every once in a while, I expose my laptop to unsafe open Internet like the cafes, restaurants & hotel-accommodations. Apart from that, thanks to my work, I run many services like apache2, sshd, mongodb, mysqld, etc in my laptop, which are susceptible to malicious attacks. Club these two & I got a time-bomb ticking right on my lap!!

I did a bit of research and finally (I think & I hope this is final!) I have arrived at the min-ship requirement for my laptop to function correctly under any network without compromising itself!! These are things I felt like handling within my firewall:

  1. Enable (or Disable) a few kernel features
  2. Make the default rule to DROP instead of the ACCEPT
  3. Allow all packets from RELATED/ESTALBLISHED connectons
  4. Always allow loopback devices
  5. Drop all IANA reserved IPs
  6. Allow skype incoming
  7. Allow DHCP outgoing
  8. Allow DNS outgoing
  9. Allow HTTP outgoing
  10. Allow NTP outgoing
  11. Allow ping outgoing
  12. Allow SMTP outgoing
  13. Allow SSH outgoing

Simple, yeah?! 🙂


All of these steps are captured in my script – firewall.txt (Updated script: meetrp github). Just executing the script will enable everything as described above. But if you want to understand or wanna do them one-by-one yourselves then continue reading! 🙂


Enable (or Disable) a few kernel features
The common rule in protecting oneself is: “Deactivate everything you do not need.” Keeping in line with this principle, I have disabled (or enabled) a few kernel parameters to protect my laptop from malicious (or unwanted) intrusion.

  1. Ignore the broadcast pings: ICMP echo messages are the messages used by the “ping” command-line tool. By ignoring broadcast ICMP echo requests, your machine won’t respond when someone tries to ping a broadcast address (such as, or, say, on a subnet) to find all the hosts on the network or subnet at the same time.
  2. $> echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
  3. Deactivate source routed packets: Attackers could be using source-routed packets to generate traffic that seems to be intra-net, but actually was created outside and has been redirected.
  4. $> for iter in /proc/sys/net/ipv4/conf/*/accept_source_route; do; echo 0 > $iter; done
  5. Disable ICMP redirects: ICMP redirects are used by routers to specify better routing paths out of one network, based on the host choice, so basically it affects the way packets are routed and destinations. The atacker can then on basically alter your host’s routing tables and diver traffic towards external hosts on a path of his/her choice; the new path is kept active by the router for 10 minutes.
  6. $> for iter in /proc/sys/net/ipv4/conf/*/accept_redirects; do; echo 0 > $iter; done
  7. Disable IP forwarding: If there are mulitple network interfaces (like eth0, eth1, wlan0) active at the same time, then traffic coming in from one interface can be forwarded to another interface. This feature is not required in a traditional laptop
  8. $> echo 0 > /proc/sys/net/ipv4/ip_forward
  9. Turn on source address verfication: By default, routers route everything, even packets which ‘obviously’ don’t belong on your network. A common example is private IP space escaping onto the Internet. If you have an interface with a route of to it, you do not expect packets from to arrive there. Enabling this verification implies if the reply to a packet wouldn’t go out the interface this packet came in, then this is a bogus packet and should be ignored.
  10. $> for iter in /proc/sys/net/ipv4/conf/*/rp_filter; do; echo 1 > $iter; done
  11. Turn on syn cookies protection: The TCP Syn is DoS (Denial of Service) attack. It consumes resources on your Linux server. The attacker begin with the TCP connection handshake sending the SYN packet, and then never completing the process to open the connection. This results into massive half-open connections.
  12. $> echo 1 > /proc/sys/net/ipv4/tcp_syncookies

Where is the rules set?
Check the attached: firewall.txt (Updated script: meetrp github)! Rename this file with ‘.sh’ extension & execute it.

$> ls -l ./firewall.txt 
-rw-rw-r-- 1 rp rp 17288 Aug 31 00:15 ./firewall.txt

$> mv firewall.txt myfirewall.sh
$> ls -l *firewall*
-rwxrwxr-x 1 rp rp 17288 Aug 31 00:15 myfirewall.sh

$> chmod +x ./myfirewall.sh 

$> sudo ./myfirewall.sh 
[Sunday 31 August 2014 00:16:20] Not a root!
[Sunday 31 August 2014 00:16:20] ignore ICMP echo broadcasts
[Sunday 31 August 2014 00:16:20] log all packets
[Sunday 31 August 2014 00:16:21] enable reverse path filtering
[Sunday 31 August 2014 00:16:21] enable syn cookies protetion
[Sunday 31 August 2014 00:16:21] disable ICMP redirects
[Sunday 31 August 2014 00:16:21] disable ip forwarding
[Sunday 31 August 2014 00:16:21] disable source route
[Sunday 31 August 2014 00:16:21] -------------- IPv4 ---------------
[Sunday 31 August 2014 00:16:21] clear all rules
[Sunday 31 August 2014 00:16:21] default drop
[Sunday 31 August 2014 00:16:21] allow all related & established
[Sunday 31 August 2014 00:16:21] allow loop back
[Sunday 31 August 2014 00:16:21] drop all IANA reserved IPs
[Sunday 31 August 2014 00:16:21] --> eth0
[Sunday 31 August 2014 00:16:21] allow skype in
[Sunday 31 August 2014 00:16:21] allow DHCP out
[Sunday 31 August 2014 00:16:21] allow DNS out
[Sunday 31 August 2014 00:16:21] allow HTTP out
[Sunday 31 August 2014 00:16:21] allow NTP out
[Sunday 31 August 2014 00:16:21] allow ping out
[Sunday 31 August 2014 00:16:21] allow SMTP out
[Sunday 31 August 2014 00:16:21] allow SSH out
[Sunday 31 August 2014 00:16:21] --> wlan0
[Sunday 31 August 2014 00:16:21] allow skype in
[Sunday 31 August 2014 00:16:21] allow DHCP out
[Sunday 31 August 2014 00:16:21] allow DNS out
[Sunday 31 August 2014 00:16:21] allow HTTP out
[Sunday 31 August 2014 00:16:21] allow NTP out
[Sunday 31 August 2014 00:16:21] allow ping out
[Sunday 31 August 2014 00:16:22] allow SMTP out
[Sunday 31 August 2014 00:16:22] allow SSH out
[Sunday 31 August 2014 00:16:22] -------------- IPv6 ---------------
[Sunday 31 August 2014 00:16:22] clear all rules
[Sunday 31 August 2014 00:16:22] default drop

This is my firewall setup script. Whenever I want, I execute this script and voila, my firewall is setup.

Dump the IPTables for verfication

 $> sudo iptables -S
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 16514 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 16514 -j ACCEPT
-A INPUT -i wlan0 -p udp -m udp --dport 16514 -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 16514 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
-A OUTPUT -o wlan0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

$> sudo ip6tables -S

If you notice I have plenty of rules for IPv4 but dropped the IPv6 entirely!! Who wants IPv6 right away?! I still get only IPv4 address.;)

If you wanna make these rules permanent and persistent then follow these steps:

Save the rules set while networking is going down

$> cat /etc/network/if-down.d/saveiptables

/sbin/iptables-save > /etc/ipv4tables.rules
/sbin/ip6tables-save > /etc/ipv6tables.rules

exit 0

Restore the rules while networking is coming up

$> cat /etc/network/if-up.d/loadiptables

/sbin/iptables-restore < /etc/ipv4tables.rules
/sbin/ip6tables-restore < /etc/ipv6tables.rules

exit 0

Btw, don't forget to change it to executable!

$> sudo chmod +x /etc/network/if-down.d/saveiptables /etc/network/if-up.d/loadiptable

After this, hopefully, my laptop is secure as compared to before.

FYI, these were my experiments limited to my understanding. If I can be of any help & esp vice-versa, please feel free to contact me!

Updated script: meetrp github


  1. Security - Linux StepByStep
  2. The Kernel - Linux inside
  3. IPTables Tips and Tricks: More Than Just ACCEPT or DROP
  4. Saving iptables rules to be persistent
  5. http://hermann-uwe.de/files/fw_laptop
  6. Laptop Iptables configuration
  7. iptables: Small manual and tutorial with some examples and tips

HowTo: Show/Display available network interfaces

The biggest problem I found was not identifying all the network interfaces available but the ones that are up. For instance, the 2 quickest way to identify all the available network interfaces are:

ip link
$> ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 5c:26:0a:7b:7b:f6 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:88:b4:ca:8b:4c brd ff:ff:ff:ff:ff:ff

Obviously, there are 2 interfaces (sans the default, lo): eth0 & wlan0. Btw, can you tell which of these 2 are up & which is NOT?!!!! Trust me I couldn’t. At least not in the first look! Then figured a pattern in the presence of ‘DOWN’ or ‘UP’ keywords!! Yet, this was not sufficient for me as I was wanting to identify the network interfaces that are UP using a generic script. ‘grep’-ing for ‘UP’ & ‘DOWN’ would not work out here.

$> ifconfig -a
eth0      Link encap:Ethernet  HWaddr 5c:26:0a:7b:7b:f6
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::5e26:aff:fe7b:7bf6/64 Scope:Link
          RX packets:919885 errors:0 dropped:0 overruns:0 frame:0
          TX packets:418690 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1098622617 (1.0 GB)  TX bytes:48860614 (48.8 MB)
          Interrupt:20 Memory:e2e00000-e2e20000

lo        Link encap:Local Loopback
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:92466 errors:0 dropped:0 overruns:0 frame:0
          TX packets:92466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12115565 (12.1 MB)  TX bytes:12115565 (12.1 MB)

wlan0     Link encap:Ethernet  HWaddr a0:88:b4:ca:8b:4c
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:506150 errors:0 dropped:0 overruns:0 frame:0
          TX packets:344206 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:557950489 (557.9 MB)  TX bytes:40095705 (40.0 MB)

Another obvious problem! Can you see that it is not easy to figure out which of the interfaces are down!! Of course, the presense of UP (or the lack of it) is not sufficient to write a simple bash script!!

So, after a bit of research & some soul-searching as well, I figure out a simpler way:

netstat -i

$> netstat -i
Kernel Interface table
eth0       1500 0    921323      0      0 0        419605      0      0      0 BMRU
lo        65536 0     93141      0      0 0         93141      0      0      0 LRU

Ah! There you can see only eth0 is displayed! Voila! I found my unicorn here! 🙂 So, now my script would be a simple:

$> netstat -i | grep -vi 'kernel' | grep -vi 'iface' | grep -v 'lo' | awk '{print $1}'

Isn’t this awesome?! 🙂

One can even use ‘ifconfig -s‘ instead of ‘netstat -i‘ and the output be the same! 🙂

FYI: I am using Ubuntu 14.04 LTS 64-bit.

HowTo: Disk space reduction on C:\ Drive [Windows 7]

I am suffering from a big time space crunch when it comes to my windows box. Unbelievable. Even a 300G disk seem insufficient! And, I am geeky enough to ensure my private stuff, work stuff & OS stuff does not reside on the same partition. Yet I get into super-duper mess! Now I am at my wits end. I cannot handle anymore lack of space or a slow system!

My current free space is about 9.26GB & yet the speed of the system is competing with Win98 systems!! 🙁

C Drive Space at the beginning
C Drive Space at the beginning

First things first. I wanna know which part of my system is taking up so much space! In geeky terms, I need a disk space analyzer for Windows. Well a simple google search gave me some brilliant options and based on a nicely detailed article1. I chose SpaceSniffer2.

  • Temporary Files: First step is to attack the temporary files. I used SpaceSniffer to find them. I found nothing major eating my disk-space so I moved on. Some of the many capabilities of SpaceSniffer can be found at their tips & tricks page3
  • Old Files: Find files that are more than 1 year old! This gave me some shockers! More than 46GB of my 100GB was untouched in over an year!! If I ignore the AppData, which cannot be deleted or moved4, then my pain points were:
    • pagefile.sys file – This was a whooping 7.8GB but then OS holds part of memory (RAM) data in this file & hence obviously should not meddled with5.
    • hiberfil.sys file – This was a staggering 5.8GB! This file has something to do with hibernation & you can use this info to free up this space6. And I did free up this space! 🙂
    • android directory – This was an unnecessary 2.2GB! Since I had long ago uninstalled all android based tools, it was a no-brainer to delete this fella outta my system.

At this point in time, solely due to hiberfil.sys, I gained about 6GB!

C Drive Space after hiberfil.sys
C Drive Space after hiberfil.sys

But I was still unhappy with the space reduction! 🙁 Gotta continue further!

Windows Disk Cleanup
Windows Disk Cleanup
  • Windows Disk Cleanup: Last but one option I got is to perform ‘Disk Cleanup,’ which I normally don’t trust. Historically I haven’t got any good results with this but then I am at the biggest space crunch cross-roads of my life! And, to my surprise, for the first time since I started using Windows I was happy with the results produced by a native windows utility. This saved be a good 18GB!! 🙂 18GB!! Boy, was I happy or what?! I was supremely excited! 🙂 🙂
  • CCleaner: Finally, I got totally greedy and chose to install the ‘CCleaner Free‘ for the ultimate cleanse! 🙂 And, this gave me another 1GB! 🙂 For the heck of it I chose to run the registry clean up as well. It guarantees me it found some milling DLLs and has fixed the issues! I gotta wait and see! 🙂
CCleaner Analysis
CCleaner Analysis

Anyways, after all these tasks (which consumed a good 3~4 hours of my time) now I am happy with a good 25.5GB of free space up from the initial 9.26GB! Am I a happy man or what?! 🙂 🙂

Final Disk Usage
Final Disk Usage

Btw, I followed these steps from howtogreek.com8

  1. The Best Disk Space Analyzer for Windows
  2. SpaceSniffer
  3. SpaceSniffer tips and tricks
  4. What is the AppData folder?
  5. Understanding the Windows Pagefile and Why You Shouldn’t Disable It
  6. What is hiberfil.sys and how do I delete it?
  7. How to Remove Programs (Windows 7)
  8. Beginner Geek : Simple Tips to Reduce Disk Usage in Windows 7