WebRTC – A viable alternative to Skype

webrtc_logoSkype for Linux 4.3 and upwards requires the use of PulseAudio, which has caused discontent amongst those Linux users who do not use PulseAudio. Although I do use PulseAudio, I recently found out about WebRTC, an API (application programming interface) for browser-based communication offering most of the functions provided by Skype, namely: voice calling, video chat, text chat, file sharing and screen sharing. The official WebRTC site states:

WebRTC is a free, open project that enables web browsers with Real-Time Communications (RTC) capabilities via simple JavaScript APIs. The WebRTC components have been optimized to best serve this purpose.

Our mission: To enable rich, high quality, RTC applications to be developed in the browser via simple JavaScript APIs and HTML5.

WebRTC was originally released by Google but is now a draft standard of the World Wide Web Consortium, and is supported by Chrome, Firefox and Opera browsers. Several commercial Web sites offer WebRTC-based communications to fee-paying customers, but I thought I would try WebRTC by using one of the so-called ‘demo’ WebRTC pages. AppRTC is a WebRTC demo page which can be reached from a link on the official WebRTC site, but I prefer Multi-Party WebRTC Demo by TokBox which offers a more polished experience with better features. Both are free to use and viable substitutes to Skype for video chatting (one-to-one or conference).

So, how do you actually use WebRTC-based sites? Below is a quick guide to get you going.

Text and video chatting

Open the following URL in Chrome or Firefox:

https://opentokrtc.com/

Enter a Room Name that is likely to be unique. I used ‘fitzchat’ (without the quotes), but you can use any name you want.

The other party or parties can do the same thing, i.e. they enter the same Room Name as you, and you will all become connected.

Alternatively, to send an e-mail invitation to someone, click on the URL at the top of the pane on the right-hand side (which is Invite: https://opentokrtc.com/fitzchat in this example, as I chose to name the Room ‘fitzchat’). The partially visible pane at the right-hand side of the browser window will slide into full view when you click on it.

That’s all there is to it. You should see a video window showing each party, and they should see the same. Each party should also be able to hear the other parties. In the top right-hand corner of each video window is an icon (microphone for you; speaker for each of the other parties) which you can click on to mute/un-mute that party.

Click on the partially visible pane at the right-hand side of the browser window. Notice the ‘chat bar’ at the bottom where you enter commands and chat text. Read the grey instructions listed near the top of the pane:

Welcome to OpenTokRTC by TokBox
Type /nick your_name to change your name
Type /list to see list of users in the room
Type /help to see a list of commands
Type /hide to hide chat bar
Type /focus to lead the group
Type /unfocus to put everybody on equal standing

For example, to give myself a meaningful name instead of the default username Guest-0120e48c which was given to me automatically, I entered the following:

/nick Fitz

Screen sharing

I found that screen sharing already works well in Chrome 36.0.1985.125 but is not yet supported in Firefox 31.0. It will be supported in Firefox 32 or 33, apparently, or you can already use Firefox Nightly providing you add the appropriate preferences via about:config.

To be able to share screens in Chrome, I had to perform two steps: enable a Chrome flag and install a Chrome extension. The two steps, which do not need to be repeated, are given below (see Ref. 1).

To enable screen sharing in Chrome, do the following:

  1. Open a new tab or window in Chrome.
  2. Copy the following link: chrome://flags/#enable-usermedia-screen-capture and paste it in the location bar.
  3. Click on the ‘Enable’ link below ‘Enable screen capture support in getUserMedia().’ at the very top of the screen.
  4. Click on the ‘Relaunch Now’ button at the bottom of the page to restart Chrome.

To install the screen sharing extension in Chrome, do the following:

  1. Launch Chrome and click on the Menu icon.
  2. Click on ‘Settings’.
  3. Click on ‘Extensions’.
  4. Click on ‘Get more extensions’ and search for ‘webrtc’.
  5. Download ‘WebRTC Desktop Sharing’.
  6. This places an icon to the right of the URL bar in Chrome.

To share your screen or just a window, do the following in Chrome:

  1. Click on the ‘Share Desktop’ icon to the right of the URL bar and select either ‘Screen’ or the window you wish to share.
  2. Click ‘Share’.
  3. When sharing has started in a new Chrome window, select the URL of the relevant tab in that window and send it to the other parties via the chat pane on the right-hand side of the first browser window.

To stop sharing, click on ‘Stop sharing’ and click on the ‘Share Desktop’ icon to the right of the URL bar to get it to return to displaying the ‘Share Desktop’ icon instead of the || (Pause) icon.

File sharing

I did not bother to try file sharing using WebRTC, but there are various Web sites you can use to do that. One such is ShareDrop, and googling will find others.

Caveats

Chrome 36.0.1985.125 and Firefox 31.0 were used in this trial (I did not try Opera). I found that video chat worked faultlessly when both parties were using Chrome, and when both parties were using Firefox. However, when one of the parties was using Firefox and the other was using Chrome, I could not see myself in one of the video boxes in the browser window (although I could see the other party in the other video box in the browser window). Furthermore, there was a grey bar across the middle of the video images in the AppRTC demo, whereas the Multi-Party WebRTC Demo video images were normal. Other than those two issues, the experience was smooth and straightforward. My recommendation would therefore be to use Multi-Party WebRTC Demo and for all the parties to use the same browser, be it Chrome or Firefox. If you want to share your screen or a window, the logical choice at the moment would be Chrome.

References

1 LiveMinutes Blog – Beta Testers: How To Activate Screen Sharing!

Installing Firefox for Windows and the Silverlight plug-in in WINE

I use 64-bit (~amd64) multilib Gentoo Linux on my main laptop, and had been using successfully Version 0.2.3 of the Pipelight browser plug-in in 64-bit Firefox 29.0.1 for Linux to access an office Intranet Web site that uses Microsoft Silverlight. However, after installing 64-bit Firefox 30.0 for Linux recently I found that Mozilla has removed NPAPI support by default in Firefox 30, and Web sites using Silverlight would no longer load.

By updating Pipelight to Version 0.2.6 and changing the user agent string — see ‘Firefox UserAgent Switcher list‘ — I was able to browse in Firefox 30.0 for Linux only some of the Web sites that use Silverlight, but the aforementioned Intranet Web site would no longer load and displayed the following error message instead:

It appears the browser you are using to access this site is unsupported. Please use one of the following browsers …

· Internet Explorer 8.0

· Internet Explorer 9.0

· Internet Explorer 10.0

If you are using one of these browsers and you are still seeing this message, please contact company support.

I tried changing Firefox’s user agent string to the following, which I found from the post ‘Firefox UserAgent Switcher list‘:

Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0

That user agent string allowed the Intranet’s Web page to start loading, but a window popped-up displaying the error message shown below and Firefox stopped responding (froze).

Error reading Localization file

[Xml_UnexpectedTokens2]
Arguments: Content-Type,”,’,4,18
Debugging resource strings unavailable. Often the key and arguments provide
sufficient information to diagnose the problem. See http://go.microsoft.com/fwlink/?
linkid=106663&Version=5.1.30214.00&File=System.Xml.dll&Key=Xml_UnexpectedTokens2

After trying various user agent strings without success I decided to install 64-bit Firefox 30.0 for Windows and the 64-bit Silverlight plug-in in WINE. The 64-bit Firefox 30.0 for Windows installed successfully and I could launch it and browse the Internet. However, I found that the 64-bit Silverlight plug-in would not install (according to a message in the Silverlight Installer window, installation of the plug-in crashed at 82% complete), so I then installed 32-bit Firefox 30.0 for Windows with the 32-bit Silverlight plug-in, and that worked. Below I list the steps I used to install and configure 32-bit Firefox 30.0 with the 32-bit Silverlight plug-in in WINE (which, in my installation, was compiled to support both 32-bit and 64-bit Windows applications).

Installation and configuration of 32-bit Firefox for Windows and the Silverlight plug-in

1. I used a Web browser to download the file ‘Firefox Setup 30.0.exe‘ from the Mozilla Firefox Web site to the /home/fitzcarraldo/Downloads/ directory. The Mozilla Web site offers a choice of localised versions, so I downloaded the installer for Firefox for Windows in British English.

2. I opened a Konsole window and entered the following commands:

$ cd
$ export WINEPREFIX=$HOME/.wine-firefox
$ export WINEARCH="win32"
$ winecfg # Set Windows Version to Window 7.
$ cd ./.wine-firefox/drive_c/
$ wget http://winetricks.org/winetricks # Download winetricks so I can install Windows fonts.
$ chmod +x winetricks # Make winetricks script executable.
$ ./winetricks # Launch winetricks and install Windows fonts.
$ cp /home/fitzcarraldo/Downloads/Firefox\ Setup\ 30.0.exe .
$ wine Firefox\ Setup\ 30.0.exe
$ env WINEPREFIX="/home/fitzcarraldo/.wine-firefox" WINEARCH="win32" wine /home/fitzcarraldo/.wine-firefox/drive_c/Program\ Files/Mozilla\ Firefox/firefox.exe # Launch Firefox and download the Silverlight installer.

N.B. Keep the Konsole window open and use it to enter all the commands listed in this post.

Notice that I downloaded and launched the excellent winetricks script so that I could install some Windows fonts that Firefox for Windows might need to use. When the winetricks window opens, all I needed to do was:

  • Select ‘Select the default wineprefix’ and click ‘OK’
  • Select ‘Install a font’and click ‘OK’.
  • Select ‘allfonts’ and click ‘OK’.
  • Optionally, if you have an LCD monitor and you would like to enable subpixel font smoothing, select ‘Change Settings’ then ‘fontsmooth=rgb’ and click ‘OK’.

3. I used the 32-bit Firefox for Windows Web browser to download the Silverlight plug-in installer to the /home/fitzcarraldo/Downloads/ directory. The files downloaded were Silverlight.exe and Silverlight.exe:Zone.Identifier which were both downloaded when I clicked on the ‘Click to Install’ button on the ‘Get Microsoft Silverlight‘ Web page and I then moved them from the directory /home/fitzcarraldo/Desktop/ to the /home/fitzcarraldo/Downloads/ directory.

4. I exited Firefox for Windows and installed the Silverlight plug-in:

$ cp /home/fitzcarraldo/Downloads/Silverlight* .
$ wine Silverlight.exe # Now install 32-bit Silverlight.

5. Then I launched Firefox for Windows again to configure the User Agent:

$ env WINEPREFIX="/home/fitzcarraldo/.wine-firefox" WINEARCH="win32" wine /home/fitzcarraldo/.wine-firefox/drive_c/Program\ Files/Mozilla\ Firefox/firefox.exe

I entered ‘about:config‘ (without the quotes) in the Address bar and added a new preference named general.useragent.override containing the following string (it is a User Agent string for Microsoft Internet Explorer 10.6 in 32-bit Windows 7):

Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0

N.B. This is the user agent string I used to get a specific office’s Intranet Web site that uses Silverlight to load in the Firefox 30.0 for Windows browser. You may need to use a different user agent string for the particular Web site you want to load. Use a search engine to search the Web for suitable user agent strings for the specific Web site you wish to browse. I have seen various user agent strings given for Netflix, for example, so you may have to try several to find one that works for you.

Alternatively, rather than using about:config you could install a Firefox extension such as User Agent Switcher and the associated ‘useragentswitcher.xml‘ file (see the ‘Firefox UserAgent Switcher list’ reference above for details of how to install), which would allow you to add, edit and select user agent strings more easily. An alternative to User Agent Switcher is the Firefox extension User Agent Overrider which may give you better results than User Agent Switcher on some Web sites that use Silverlight. I have tried it and it enables me to view the Silverlight test pages on the Web (I selected ‘Windows / Firefox 29′ from the User Agent Overrider pull-down menu).

6. I also made sure that plugins.click_to_play is set to ‘true’ (it should be by default) and I gave permission to Firefox to use the Silverlight plug-in on the relevant Web site I wish to use (Open menu > Add-ons > Plugins). See ‘Issues related to plugins – 4.1 Click to Play in Mozilla browser versions 23 and above‘ on the mozillaZine Website and ‘How to always activate a plugin for a trusted website‘ on the Mozilla Support Website.

Launching Firefox for Windows correctly in Linux

To launch Firefox for Windows from the command line you will need to enter either of the following commands:

$ env WINEPREFIX="/home/fitzcarraldo/.wine-firefox" WINEARCH="win32" wine /home/fitzcarraldo/.wine-firefox/drive_c/Program\ Files/Mozilla\ Firefox/firefox.exe

$ env WINEPREFIX="/home/fitzcarraldo/.wine-firefox" WINEARCH="win32" wine C:\\windows\\command\\start.exe /Unix /home/fitzcarraldo/.wine-firefox/dosdevices/c:/users/Public/Start\ Menu/Programs/Mozilla\ Firefox.lnk

Alternatively, you can set up a Desktop Configuration File (.desktop file) on your Desktop and/or an entry in the Desktop Environment’s launcher menu. In my case, WINE took care of doing both of those during the installation of Firefox for Windows, and it used the standard Firefox icon. I just needed to edit the entry’s command for launching Firefox, to make it match one of the commands listed above.

Postscript

Regarding the file Silverlight.exe:Zone.Identifier that was downloaded when I downloaded the Silverlight installer (Silverlight.exe), I had never come across such a file type before but have now found out what it is:

File that contains metadata describing the security zones associated with another file; generated automatically when a file is downloaded from the Internet or received as an email attachment; often created by Internet Explorer.

See the article .ZONE.IDENTIFIER File Extension for details.

You can therefore forget about the Silverlight.exe:Zone.Identifier file (if one even exists in your case). The important thing is to download the Silverlight installer, which is a single .exe file.

Bypassing a corporate Web filter when using the command line

or ‘How to bypass a corporate Web filter and download YouTube videos via the command line’

One of the offices where I work uses a Web filter to block access to certain sites, such as YouTube. However, sometimes it is necessary to view blocked Web sites for work purposes. For example, these days a lot of companies or individuals post product reviews on YouTube that are useful for work purposes. In such cases I have used Tor to access the blocked sites in a Web browser such as Firefox, Chrome, Konqueror etc. See my post How to install and use Tor for anonymous browsing or to access country-restricted content from another country for details of how to set up and use Tor with a Web browser.

But sometimes I need to access blocked Web sites from the command line. For example, today I needed to download a YouTube video for work purposes, and I wanted to use youtube-dl to do it. The solution was simple…

First I launched vidalia and polipo as explained in the above-mentioned post on Tor, then I launched another Konsole/Terminal window and entered the commands shown below:

$ # First find out what resolutions are available for the video I want to download:
$ youtube-dl -F https://www.youtube.com/watch?v=T3Rr4CUoTSQ
Setting language
T3Rr4CUoTSQ: Downloading webpage
T3Rr4CUoTSQ: Downloading video info webpage
T3Rr4CUoTSQ: Extracting video information
[info] Available formats for T3Rr4CUoTSQ:
format code extension resolution note
140 m4a audio only DASH audio , audio@128k (worst)
160 mp4 192p DASH video
133 mp4 240p DASH video
134 mp4 360p DASH video
135 mp4 480p DASH video
136 mp4 720p DASH video
17 3gp 176x144
36 3gp 320x240
5 flv 400x240
43 webm 640x360
18 mp4 640x360
22 mp4 1280x720 (best)
$ # Now try to download the video at the resolution I want:
$ youtube-dl -f 22 -o Clevo_W230ST_overview.flv https://www.youtube.com/watch?v=T3Rr4CUoTSQ
Setting language
T3Rr4CUoTSQ: Downloading webpage
T3Rr4CUoTSQ: Downloading video info webpage
T3Rr4CUoTSQ: Extracting video information
ERROR: unable to download video data: HTTP Error 403: Forbidden

As you can see above, the corporate Web filter blocked youtube-dl from downloading the video.

So I informed the shell session about the local HTTP proxy (polipo) running on my laptop, by assigning and exporting the environment variable http_proxy using the following syntax:

export http_proxy=http://server-ip:port/

which in my case meant the following (refer to my article on Tor):

$ export http_proxy=http://127.0.0.1:8123/

and then I was able to download the video from YouTube despite the corporate Web filter:

$ youtube-dl -f 22 -o Clevo_W230ST_overview.flv https://www.youtube.com/watch?v=T3Rr4CUoTSQ
Setting language
T3Rr4CUoTSQ: Downloading webpage
T3Rr4CUoTSQ: Downloading video info webpage
T3Rr4CUoTSQ: Extracting video information
[download] Destination: Clevo_W230ST_overview.flv
[download] 100% of 100.23MiB in 05:50
$

Useful Reference: How To Use Proxy Server To Access Internet at Shell Prompt With http_proxy Variable

KDE Connect – Link your Android device to your KDE desktop

KDE Connect app icon on my Samsung Galaxy Note II

KDE Connect app icon on my Samsung Galaxy Note II

KDE Connect is a nice tool that links your Android phone or tablet seamlessly via WiFi to KDE on your PC (the latter can be connected via WiFi or cable to the network). It allows your KDE desktop to receive notifications, files and media player commands from your Android device. The available KDE Connect plug-ins are:

Battery report
Periodically report battery status

Clipboard sync
Share the clipboard content

Multimedia remote controls
Control audio/video from your phone
(pause; first track; previous track; next track; last track; change volume)

Notification sync
Access your notification from other devices

Ping
Send and receive pings

Telephony notifier
Send notifications from SMS and calls

You will need to install the Android KDE Connect application on your Android device, and the Linux KDE Connect application on your PC.

Install the KDE Connect app on your Android device from the Google Play Store. You will then see the KDE Connect icon on the apps screen of your Android device.

For Gentoo users an ebuild for KDE Connect is available in the Gentoo KDE team’s testing overlay, so here are the instructions on how to install KDE Connect on your PC from there.

Firstly, mask the KDE overlay so that none of the packages in it interferes with the KDE software you installed from the main Portage tree:

# echo "*/*::kde" >> /etc/portage/package.mask

Then unmask the KDE Connect package in the KDE overlay:

# echo "kde-misc/kdeconnect" >> /etc/portage/package.unmask

N.B. If /etc/portage/package.mask is a directory rather than a file (either is possible) in your installation, and if /etc/portage/package.unmask is a directory rather than a file (either is possible) in your installation, use the following commands instead of the above two commands:

# echo "*/*::kde" > /etc/portage/package.mask/kde_overlay
# echo "kde-misc/kdeconnect" > /etc/portage/package.unmask/kdeconnect

Now add the KDE overlay and merge the package:

# layman -a kde
# emerge kdeconnect

If a firewall is running on your PC, you will need to configure it to allow tcp and udp traffic via a specific range of ports (1714 to 1764). I have UFW running on my main laptop, so in my case I used the following commands:

# ufw allow proto tcp to any port 1714:1764
# ufw allow proto udp to any port 1714:1764

The rules should look like this:

# ufw status verbose | grep 1714
1714:1764/tcp ALLOW IN Anywhere
1714:1764/udp ALLOW IN Anywhere
1714:1764/tcp ALLOW IN Anywhere (v6)
1714:1764/udp ALLOW IN Anywhere (v6)

If you have the KConfig Module kcm_ufw installed on your PC then you can instead use System Settings > Firewall to add the UFW rules via the KDE GUI.

By the way, to check which KConfig modules are installed on your PC you can use the following command under your user account:

$ kcmshell4 --list

Using KDE Connect is not difficult, so I will leave you to play with it. Obviously make sure WiFi is enabled on your Android device, and that it and your PC are connected to the same network. Tap on the KDE Connect icon on your Android device to launch the app, and you should see your PC’s name listed under CONNECTED DEVICES. Tap on the PC name and you should see the following screen:

KDE Connect screen

KDE Connect screen

If you tap on ‘Send ping’, the KDE Notification widget on the KDE System Tray should pop up a notification.

You can see what KDE Connect plug-ins are available, and select/deselect them:

KDE Connect plugins

KDE Connect plugins

KDE Connect also enables you to use your Android device as a remote control for media players running on your PC. When you launch a media player in KDE its name will appear in a list of selectable players in KDE Connect, and the name of the track currently playing will also be displayed:

KDE Connect - Remote control

KDE Connect - Remote control

When you select a file on your Android device and tap the Share icon, KDE Connect will be one of the options displayed on the ‘Share via’ menu. This is a handy way to send files from your Android device to your PC. The KDE Notification widget on your PC will notify you when the file has been transferred to ~/Desktop/ on your PC:

KDE on your PC notifies you when a file has been sent via KDE Connect

KDE on your PC notifies you a file has been sent via KDE Connect

You should also get notifications on your KDE desktop when someone phones or sends you an SMS.

Kudos and many thanks to the people responsible for KDE Connect. KDE is already a superb desktop environment, and with the addition of KDE Connect it is better still.

‘Server not found’ by browser at launch

I haven’t had any significant Linux problems or new requirements in the last few months, hence no new posts here. My last real problem was back in June 2013 when I rolled my Gentoo installation to latest using Portage and found that, whenever I launched Firefox, it displayed the ‘Server not found’ page and I had to click ‘Try Again’, and then Firefox displayed the expected Web site. From then onwards, Firefox would work as expected until I exited the application. Thunderbird was also unable to access e-mail servers on the first attempt after it was launched. The same thing happened in Sabayon Linux when I rolled to latest using Entropy a couple of days later. Anyway, here is how I fixed the problem in both distributions.

First I used Wireshark to see what was going on, and it transpired that Gentoo (and Sabayon) was sending an IPv4 request followed quickly by an IPv6 request, but the reply to the IPv6 request was being received first and was a ‘server not found’ message since my ISP does not support IPv6 and my router apparently does not handle IPv6 requests correctly. Gentoo (and Sabayon) then used an IPv4 address when I clicked ‘Try Again’ in the browser window, and thereafter Firefox always dispayed the expected Web sites.

I should point out that IPv6 is enabled in the kernels I use and I’ve never before had to disable IPv6 in Firefox (or system-wide) on the affected laptops. So why the change in functionality, I wonder?

With Wireshark capturing packets, when I launched Firefox I was seeing a server failure message indicating “AAAA” (IPv6) instead of “A” (IPv4). To stop this happening I could have chosen any one of the three following solutions:

1. I could have used about:config in Firefox (and Config Editor in Thunderbird) to change the value of network.dns.disableIPv6 to true instead of false.

2. I could have disabled IPv6 system-wide by editing /etc/modprobe.d/aliases.conf and uncommenting the line “alias net-pf-10 off“.

3. I could have forced the getaddrinfo() function in glibc to make the IPv4 and IPv6 requests sequentially rather than in parallel.

Just for the fun of it I chose the third option on a couple of my laptops, and, as they use NetworkManager, this is how I did it:

fitzcarraldo@aspire5536 ~ $ su
Password:
aspire5536 fitzcarraldo # cat /etc/resolv.conf
# Generated by resolvconf
domain home
nameserver 192.168.1.254
aspire5536 fitzcarraldo # cd /etc/NetworkManager/dispatcher.d/
aspire5536 dispatcher.d # touch 06-dhclientoptions
aspire5536 dispatcher.d # nano 06-dhclientoptions
aspire5536 dispatcher.d # cat 06-dhclientoptions
#!/bin/bash
echo "options single-request" >> /etc/resolv.conf
aspire5536 dispatcher.d # chmod +x /etc/NetworkManager/dispatcher.d/06-dhclientoptions
aspire5536 dispatcher.d # # Now I disconnect then reconnect to the network
aspire5536 dispatcher.d # cat /etc/resolv.conf
# Generated by resolvconf
domain home
nameserver 192.168.1.254
options single-request
aspire5536 dispatcher.d #

As you can see above, I added a two-line Bash script 06-dhclientoptions in the directory /etc/NetworkManager/dispatcher.d/ that appends the line “options single-request” (without the quotes) to the contents of the file /etc/resolv.conf. The addition of the line “options single-request” in resolve.conf causes the getaddrinfo() function in glibc to make the IPv4 and IPv6 requests sequentially rather than in parallel. With this change, Firefox and Thunderbird no longer have a problem accessing the Internet the first time they are launched.

From “man 5 resolv.conf” under “options”:

single-request (since glibc 2.10)
sets RES_SNGLKUP in _res.options. By default, glibc performs IPv4 and IPv6 lookups in parallel since version 2.9. Some appliance DNS servers cannot handle these queries properly and make the requests time out. This option disables the behavior and makes glibc perform the IPv6 and IPv4 requests sequentially (at the cost of some slowdown of the resolving process).

single-request-reopen (since glibc 2.9)
The resolver uses the same socket for the A and AAAA requests. Some hardware mistakenly sends back only one reply. When that happens the client system will sit and wait for the second reply. Turning this option on changes this behavior so that if two requests from the same port are not handled correctly it will close the socket and open a new one before sending the second request.

I had to use NetworkManagerDispatcher to add the line “options single-request” to /etc/resolv.conf because NetworkManager overwrites /etc/resolv.conf if you edit it manually.

UPDATE (February 4, 2014): As I have recently seen the line “options single-request” occurring more than once in the file /etc/resolv.conf I now recommend /etc/NetworkManager/dispatcher.d/06-dhclientoptions consists of the following:

#!/bin/bash
if grep -q "options single-request" /etc/resolv.conf; then
    exit
else
    echo "options single-request" >> /etc/resolv.conf
fi

Dropbox revisited

In a previous post I explained how I installed Kfilebox, an unofficial KDE front-end for Dropbox. However, development of Kfilebox appears to have stopped, as the original author posted the following recently on a blog:

“I have stopped working on kfilebox after some updates in dropbox. Shortly: there is no way to get recent changed files, no more access to config options, cant configure it.”

Nevertheless I continued using Kfilebox. However, after a few days the Kfilebox icon stopped appearing in the KDE System Tray, and clicking on ‘Show hidden icons’ > ‘Kfilebox’ on the Panel displayed “The Dropbox daemon isn’t running” in the pop-up menu. Also, if I clicked on the hidden Kfilebox icon and selected ‘Preferences…’ the Dropbox folder field was empty and I had to keep re-entering the location of the Dropbox folder. So I decided to uninstall Kfilebox and try using Dropbox directly with KDE. I performed the steps listed below.

  1. Uninstall Kfilebox:

    # emerge -C kfilebox

  2. Remove any associated directories and files that might be left over:

    # rm -rf /home/fitzcarraldo/.dropbox
    # rm -rf /home/fitzcarraldo/.dropbox-dist
    # rm /home/fitzcarraldo/.kde4/share/config/kfileboxrc

  3. Install Dropbox:

    # emerge dropbox

  4. Do not edit /etc/conf.d/dropbox and do not configure Gentoo to launch the Dropbox daemon at start-up (i.e. do not add /etc/init.d/dropbox to the default runlevel). Instead configure KDE to launch the daemon when logging-in to KDE:
    1. Kickoff > System Settings > Startup and Shutdown
    2. Click on ‘Autostart’ in the left pane.
    3. Click on the ‘Add Script…’ button on the right side of the window.
    4. Enter the location of the Dropbox daemon in the box in the pop-up window. I entered “/opt/dropbox/dropboxd” (without the quotes) in the box and clicked ‘OK’.
  5. Run Dropbox for the first time and configure the local installation:
    1. Open a Dolphin window and browse to the directory containing the daemon (/opt/dropbox/) and double-click on dropboxd to launch the daemon.
    2. The Dropbox set-up window will pop-up and it should be obvious what to do from there onwards. As I already had a Dropbox account I selected ‘I already have a Dropbox account’ and clicked ‘Next’, I then entered my e-mail address, my Dropbox password and my computer’s name in the boxes and clicked ‘Next’. I left the default free 2 GB option selected and clicked ‘Next’. I left the default set-up ‘Typical’ selected and clicked ‘Install’. I read the introductory information displayed in the next couple of windows and clicked ‘Next’. I clicked ‘Finish’ in the final ‘That’s it!’ window.
  6. A Dropbox icon then appears in the System Tray on the Panel and synchronises with the Dropbox directory on the remote Dropbox server.

Now if I click on the Dropbox icon in the System Tray, the Dropbox directory window pops up. If I right-click on the icon in the System Tray, a menu pops-up with the expected Dropbox options.

So there was no need to use Kfilebox after all, as using the Dropbox daemon directly is just as user-friendly.

Installing Dropbox in Gentoo running KDE

kfilebox
I had never used Dropbox before and had no intention of doing so, but today a work colleague sent me some large files via Dropbox so I was forced to sign up. I tried to install Dropbox on my main laptop running Gentoo Linux and KDE but, for a well-known application, I had a surprising amount of trouble, hence this blog post.

To begin with, I found the following Dropbox-related packages:

# eix dropbox
* gnome-extra/nautilus-dropbox
Available versions: (~)0.6.9 (~)0.7.0 0.7.1 (~)1.4.0 {debug}
Homepage: http://www.dropbox.com/
Description: Store, Sync and Share Files Online
.
* net-misc/dropbox
Available versions: 1.2.48-r1^ms (~)1.2.51-r2^ms (~)1.4.3-r1^ms (~)1.4.7-r1^ms (~)1.4.7-r2^ms (~)1.4.17^ms (~)1.4.23^ms (~)1.6.16^ms {X +librsync-bundled}
Homepage: http://dropbox.com/
Description: Dropbox daemon (pretends to be GUI-less)
.
* net-misc/dropbox-cli
Available versions: 1 1-r1 {PYTHON_TARGETS="python2_6 python2_7"}
Homepage: http://www.dropbox.com/
Description: Cli interface for dropbox daemon (python)
.
* xfce-extra/thunar-dropbox [1]
Available versions: [m](~)0.2.0
Homepage: http://www.softwarebakery.com/maato/thunar-dropbox.html
Description: Plugin for Thunar that adds context-menu items for Dropbox
.
[1] "sabayon" /var/lib/layman/sabayon
.
Found 4 matches.

But I don’t have GNOME or Xfce installed on my main laptop, so the first and last packages were of no interest. A quick search on the Web turned up Kfilebox, which seemed to be exactly what I needed. I was pleased to find that the package is in the main Portage tree:

# eix kfilebox
* kde-misc/kfilebox
Available versions: (4) (~)0.4.8 (~)0.4.9
{LINGUAS="ar br cs de el es fr gl it lt nl pl pt ru si tr zh zh_CN"}
Homepage: http://kdropbox.deuteros.es/
Description: KDE dropbox client

So I installed kfilebox, dropbox and dropbox-cli, thinking I would need them all. Then, before doing anything else, I surfed to the Dropbox Web site and signed up for an account.

I launched Konsole and entered the command kfilebox. A window popped-up telling me that the Dropbox Daemon was being downloaded, then another window popped up offering me two options/buttons: ‘Run gtk based installer’ and ‘Or simply link account’. I clicked on the latter, thinking that was all I needed to do as I had already signed up for an account via the Dropbox Web site. But a Dropbox icon did not appear in the Panel, nor did Dolphin show a Dropbox folder icon in my home directory, and the KDE Notifications widget kept popping up notification after notification from Kfilebox to “Please visit url to link to this machine”. The trouble was that clicking on the apparent link in the notifications did nothing.

The directories .dropbox and .dropbox-dist existed in my home directory, and the contents of /home/fitzcarraldo/.kde4/share/config/kfileboxrc were as follows:

[General]
AutoStart=true
Browser=rekonq
DropboxDir=/home/fitzcarraldo/.dropbox-dist/
FileManager=dolphin
GtkUiDisabled=true
IconSet=default
ShowNotifications=true
StartDaemon=true

As the rekonq Web browser is not installed on this laptop, I edited the file and changed Browser=rekonq to Browser=firefox then rebooted, but it made no difference.

So I uninstalled everything:

# emerge -C kfilebox dropbox dropbox-cli
# rm -rf /home/fitzcarraldo/.dropbox
# rm -rf /home/fitzcarraldo/.dropbox-dist
# rm /home/fitzcarraldo/.kde4/share/config/kfileboxrc

then rebooted and reinstalled only Kfilebox:

# emerge kfilebox

I then launched Konsole and entered the command kfilebox. The pop-up window appeared notifying me that the Dropbox Daemon was being downloaded, followed by the pop-up window offering me the choice of running the gtk-based installer or simply linking the account. This time I chose the option to run the gtk-based installer and just followed the intuitive instructions in the various pop-up windows that followed, one of which offered to create a new Dropbox account or to link to an existing Dropbox account. As I wanted to do the latter I entered my e-mail address and Dropbox password, a Dropbox icon then appeared on the Panel and a Dropbox folder icon is now visible in Dolphin.

I checked the contents of ~/.kde4/share/config/kfileboxrc and they were the same as listed above, so I edited the file to replace rekonq with firefox, although I’m not sure yet what (if anything) that does, as Dropbox is new to me and I’m still learning. Anyway, the important thing is that I could now click on the ‘View folder’ button in an e-mail sent to me by a colleague and the files uploaded by my colleague were automatically downloaded into the ~/Dropbox directory.

EDIT May 30, 2013: Kfilebox is no longer in development and has started playing up. However, I found out how to install Dropbox directly and use it with KDE, and it’s just as user-friendly as Kfilebox. See my post Dropbox revisited for how to install Dropbox directly.

Setting the wireless regulatory domain in Linux on your laptop

I travel internationally and want to make sure that my laptop uses the legal wireless networking frequencies in the country I am visiting. In Linux, CRDA (Central Regulatory Domain Agent) is the udev helper used to communicate between userspace and the kernel, and it enables you to view and alter the wireless regulatory domain your kernel uses. For more information see the Regulatory page on the Linux Wireless Wiki site.

CFG80211 is the Linux wireless LAN (802.11) configuration API. The kernel on my main laptop has the following configuration settings relating to CFG80211:

# cat /usr/src/linux/.config | grep CFG80211
CONFIG_CFG80211=m
# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set
# CONFIG_CFG80211_REG_DEBUG is not set
CONFIG_CFG80211_DEFAULT_PS=y
# CONFIG_CFG80211_DEBUGFS is not set
# CONFIG_CFG80211_INTERNAL_REGDB is not set
CONFIG_CFG80211_WEXT=y

and the cfg80211 module is loaded:

# lsmod | grep cfg80211
cfg80211 145747 3 iwlwifi,mac80211,iwldvm

I have the package crda installed, and I have the following udev rule file /etc/udev/rules.d/regulatory.rules to allow the kernel to communicate with userspace:

KERNEL=="regulatory*", ACTION=="change", SUBSYSTEM=="platform", RUN+="/sbin/crda"

So, how do you check which wireless regulatory domain your kernel is currently using, and switch to another domain if necessary? These tasks are performed using the iw command. You’ll need to install the package iw if it is not already installed.

To see the regulatory domain your laptop is using now, enter the following command as root user:

iw reg get

When I use the above command on my laptop after start-up, I normally see the following:

# iw reg get
country 00:
(2402 - 2472 @ 40), (3, 20)
(2457 - 2482 @ 20), (3, 20), PASSIVE-SCAN, NO-IBSS
(2474 - 2494 @ 20), (3, 20), NO-OFDM, PASSIVE-SCAN, NO-IBSS
(5170 - 5250 @ 40), (3, 20), PASSIVE-SCAN, NO-IBSS
(5735 - 5835 @ 40), (3, 20), PASSIVE-SCAN, NO-IBSS

The country code 00 is not the code of the country I am in at present. To tell the kernel which wireless regulatory domain you wish to use, enter the following command as root user:

iw reg set ISO_3166-1_alpha-2

where ISO_3166-1_alpha-2 is the 2-character code for the country you are in. You can find the list of ISO 3166-1 alpha-2 codes on the Wikipedia page ISO 3166-1 alpha-2.

For example, if I were in the UK then I would enter the following command:

# iw reg set GB

and the regulatory domain would then be reported like this:

# iw reg get
country GB:
(2402 - 2482 @ 40), (N/A, 20)
(5170 - 5250 @ 40), (N/A, 20)
(5250 - 5330 @ 40), (N/A, 20), DFS
(5490 - 5710 @ 40), (N/A, 27), DFS

It is not a big deal to use the command line, but I wanted to make it even easier. I’m using KDE on my main laptop, so I created a Desktop Configuration File /home/fitzcarraldo/Desktop/Set_wireless_regulatory_domain containing the following:

[Desktop Entry]
Comment[en_GB]=
Comment=
Exec=/home/fitzcarraldo/iw_reg.sh
GenericName[en_GB]=Set wireless regulatory domain
GenericName=Set wireless regulatory domain
Icon=/home/fitzcarraldo/national-flags-icon.png
MimeType=
Name[en_GB]=Set_wireless_regulatory_domain
Name=Set_wireless_regulatory_domain
Path=
StartupNotify=true
Terminal=true
TerminalOptions=\s--noclose
Type=Application
X-DBUS-ServiceName=
X-DBUS-StartupType=none
X-KDE-SubstituteUID=false
X-KDE-Username=

and gave it the following file permissions:

# chmod 744 /home/fitzcarraldo/Desktop/Set_wireless_regulatory_domain
# ls -la /home/fitzcarraldo/Desktop/Set_wireless_regulatory_domain
-rwxr--r-- 1 fitzcarraldo users 496 Jan 15 21:53 /home/fitzcarraldo/Desktop/Set_wireless_regulatory_domain

I used a search engine to find a nice PNG icon consisting of several overlapping national flags, and saved it with the file name name national-flags-icon.png in my home directory.

I created a Bash shell script /home/fitzcarraldo/iw_reg.sh containing the following:

#!/bin/bash
echo "First you need to enter the password of your user account..."
sudo echo ""
echo "The ISO 3166-1 alpha-2 codes are listed on Web page https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2"
echo ""
echo "The current wireless regulatory domain is set as: "
echo ""
sudo iw reg get
echo ""
echo -n "Enter the ISO 3166-1 alpha-2 code (upper case) for the country you are in now, and press ENTER: "
read REGULATORYDOMAIN
sudo iw reg set $REGULATORYDOMAIN
echo ""
echo "The current wireless regulatory domain is now set as: "
echo ""
sudo iw reg get
echo ""
echo "All done. You can close this window."

and gave it the following file permissions:

# chmod 744 /home/fitzcarraldo/iw_reg.sh
# ls -la /home/fitzcarraldo/iw_reg.sh
-rwxr--r-- 1 fitzcarraldo users 632 Jan 15 21:33 /home/fitzcarraldo/iw_reg.sh

Now, if I double-click on the icon for Set_wireless_regulatory_domain on my desktop, a Konsole window pops up with a prompt for me to enter my user account password. When I enter my password the window displays the current wireless regulatory domain the kernel is using and prompts me to enter the 2-character code for the regulatory domain I wish to use instead. When I enter the country code the window displays the new regulatory domain, as shown in the sample below.


First you need to enter the password of your user account...
Password:

The ISO 3166-1 alpha-2 codes are listed on Web page https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2

The current wireless regulatory domain is set as:

country SA:
(2402 - 2482 @ 40), (N/A, 20)
(5170 - 5250 @ 20), (3, 23)
(5250 - 5330 @ 20), (3, 23), DFS
(5735 - 5835 @ 20), (3, 30)

Enter the ISO 3166-1 alpha-2 code (upper case) for the country you are in now, and press ENTER: GB

The current wireless regulatory domain is now set as:

country GB:
(2402 - 2482 @ 40), (N/A, 20)
(5170 - 5250 @ 40), (N/A, 20)
(5250 - 5330 @ 40), (N/A, 20), DFS
(5490 - 5710 @ 40), (N/A, 27), DFS

All done. You can close this window.

The task of viewing and changing the regulatory domain after start-up is now very easy for me. The only thing that would be easier than this would be if Linux could detect automatically which country I’m in and set the regulatory domain automatically.

Synchronise your Gentoo Linux clock with an Internet time server

There are a number of ways to synchronise Gentoo Linux with a time server on the Internet. Here I look at a few alternatives.

ntp-client

ntp-client and the NTP daemon ntpd are installed when you install the package net-misc/ntp. Although I have read on some Web sites that /etc/init.d/ntp-client should be added to the default runlevel in order to read the time from an NTP server (once-only, during start-up), this in fact does not work because usually the network connection is not up by the time the ntp-client initscript runs. Bear in mind that ntp-client does not run continuously; it syncs once with an external time server if there is a network connection, and that’s it.

NetworkManager Dispatcher

If you are using NetworkManager, an elegant solution is to use NetworkManagerDispatcher to restart ntp-client in order to resync your system clock every time a network connection comes up. This is my favoured solution for laptops; see further on for how to configure your machine to do this.

cronjob

Another way would be to create a cronjob to run periodically the ‘/etc/init.d/ntp-client restart‘ command or the ‘ntpd -q‘ command (the -q option means “set the time and quit”).

Wait a while after start up

A ‘quick-and-dirty’ method, which I have used sometimes to synchronise a laptop’s system clock every time it boots, would be to delay running ntp-client until the network is up by putting e.g. the command below in a file 10_ntp-client.start in the directory /etc/local.d/ (10 seconds is usually enough time for a wired or wireless connection to my home network to be established):

#!/bin/bash
sleep 10s && /etc/init.d/ntp-client restart

Don’t forget to make it executable:

# chmod 744 /etc/local.d/10_ntp-client.start

NTP daemon

Regarding the NTP daemon, it is possible to configure this from the command line, rather than via a Desktop Environment GUI, to run at start-up and continue running to adjust your system clock. The command:

# rc-update add ntpd default

will add the daemon’s initscript to the default runlevel so that it is launched automatically at the next startup, and the command:

# /etc/init.d/ntpd start

will start the daemon running right now.

Note that, by default, the NTP daemon won’t correct, all in one go, a time difference between your system clock and the remote NTP server if that difference is above a certain size. However, if you want to override the default behaviour, i.e. allow the NTP daemon to make a large first adjustment to the system clock, you can set the environment variable NTPD_OPTS in the file /etc/conf.d/ntpd as follows:

NTPD_OPTS="-g"
# The -g option enables ntpd to make large adjustments.

This would mean that you would not need to run ntp-client before ntpd. However, if you run ntp-client automatically — either once after start-up or periodically — then that would be good enough for the typical Desktop user, and could be an alternative to having a continuously-running NTP daemon. Nothing stops you doing both if you want, of course.

Updating the hardware clock

If you make clock_systohc="YES" in the file /etc/conf.d/hwclock then the time in the system clock will be written to the BIOS (CMOS) clock (a.k.a. hardware clock) when you shut down your PC.

How to configure NetworkManager Dispatcher to synchronise the system clock only when a network connection is made

If you’re using a machine that is permanently connected to a network, running the NTP daemon makes sense. But what if you have a machine that is not always connected to a network when it is powered up? I have a laptop and I don’t want the NTP daemon running all the time. But I would like my laptop to synchronise with an external time server once after start up when I connect to the Internet. NetworkManager has a handy tool called NetworkManager Dispatcher for doing just this.

If you have installed NetworkManager, you’ll find there is an initscript /usr/portage/net-misc/networkmanager/files/NetworkManagerDispatcher. Copy it to the directory /etc/init.d/ and give it the necessary restrictive permissions:

# cp /usr/portage/net-misc/networkmanager/files/NetworkManagerDispatcher /etc/init.d/
# chmod 744 NetworkManagerDispatcher

Then create a shell script called e.g. 99_ntp-client in the directory /etc/NetworkManager/dispatcher.d/ to be run by NetworkManagerDispatcher when a network connection is established, containing the following code:

#!/bin/bash

INTERFACE=$1 # The interface which is brought up or down
STATUS=$2 # The new state of the interface

case "$STATUS" in
    'up') # $INTERFACE is up
        echo "System time before starting ntp-client:" > /home/fitzcarraldo/ntp-client.txt
        date >> /home/fitzcarraldo/ntp-client.txt
        echo "Starting ntp-client:" >> /home/fitzcarraldo/ntp-client.txt
        rc-config restart ntp-client &>> /home/fitzcarraldo/ntp-client.txt
        echo "System time after starting ntp-client:" >> /home/fitzcarraldo/ntp-client.txt
        date >> /home/fitzcarraldo/ntp-client.txt
        ;;
    'down') # $INTERFACE is down
        # Check for active interface and down if no one active
        if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then
                echo "Stopping ntp-client at:" > /home/fitzcarraldo/ntp-client.txt
                date >> /home/fitzcarraldo/ntp-client.txt
                rc-config stop ntp-client &>> /home/fitzcarraldo/ntp-client.txt
        fi
        ;;
esac

Make the root user the owner of the script, and only allow the root user to write to it and execute it:

# cd /etc/NetworkManager/dispatcher.d/
# chown root:root 99_ntp-client
# chmod 744 99_ntp-client

Then add NetworkManagerDispatcher to the default runlevel so that it will be launched every time you boot your machine:

# rc-update add NetworkManagerDispatcher default

As the package net-misc/ntp installs both /etc/init.d/ntpd and /etc/init.d/net-client, users could optionally add the NTP daemon ntpd to the default runlevel too if desired, which would provide continuous, incremental adjustments to the system clock once net-client has done its one-shot adjustment each time a network comes up:

# rc-update add ntpd default

But users who don’t leave their PCs on for days on end — or who use laptops — can ignore the above step and just stick with the NetworkManagerDispatcher and net-client solution, whereas users who leave their machines on for days or weeks on end can also use the NTP daemon to keep the system clock in sync in between the times when ntp-client has synchronised.

Don’t forget to delete ntp-client from the start-up level if you are using NetworkManagerDispatcher to run it:

# rc-update del ntp-client

Notice that the script /etc/NetworkManager/dispatcher.d/99_ntp-client logs some information in a text file ntp-client.txt in my home directory which I can check. Here is an example of what ntp-client.txt contains after I select a network (or it is selected automatically) following start up of my laptop:

System time before starting ntp-client:
Sun Jun 3 19:24:08 BST 2012
Starting ntp-client:
Restarting init script
* Setting clock via the NTP client 'ntpd' ...ntpd: time slew +0.067178s
[ ok ]
System time after starting ntp-client:
Sun Jun 3 19:24:17 BST 2012

As you can see above, the ntpd command was executed once by NetworkManagerDispatcher and made a small adjustment to the system time on my laptop.

Replacing ntpdate with ntpd in ntp-client

Just for the fun of it, I changed /etc/conf.d/ntp-client to use the command ntpd instead of ntpdate, even though the ntpdate command works fine. Anyway, here’s my /etc/conf.d/ntp-client file these days:

NTPCLIENT_CMD="ntpd"
NTPCLIENT_OPTS="-g -q"

I have added the -g option so that the ntpd command can make large adjustments to the system time if it is way off the actual time. This is useful at the beginning and end of Daylight Saving Time, or if you dual boot with Windows. Here is an example of the former when I powered up my laptop the morning after the clocks changed from BST to GMT at the end of Summer 2010:

$ cat /home/fitzcarraldo/ntp-client.txt
System time before starting ntp-client:
Sun Oct 31 09:37:23 GMT 2010
Starting ntp-client:
Starting init script
* Setting clock via the NTP client 'ntpd'...ntpd: time set -3600.122381s
[ ok ]
System time after starting ntp-client:
Sun Oct 31 08:37:30 GMT 2010

You can specify the NTP server or NTP server pool in the file /etc/ntp.conf, but the default server pool already specified in that file should work. Note again that, when ntpd is run with the -q option, it synchronises the system clock once and terminates, i.e. it is not running as a daemon.

How to install and use Tor for anonymous browsing or to access country-restricted content from another country

Some people want to browse the Web in complete anonymity. One tool for doing that is Tor. However, there are other reasons for using Tor. For example, when I am travelling in a country where the government blocks certain Web sites (or blocks accessing content on certain Web sites), or when I am travelling overseas and certain Web sites back home will not let me view content (e.g. TV shows), I use Tor. Note that some Web sites are now clever enough to detect that you are accessing them via a proxy and could be overseas, so even Tor will not gain you access to media on some Web sites back home. Anyway, it’s still worth trying Tor to see if it works in your case.

For an overview of the installation and configuration procedure, see Running the Tor client on Linux/BSD/Unix. Below I will explain how to install and use Tor in Gentoo Linux.

Before you use Tor, it is useful to check your current IP address. Several Web sites will tell you your current IP address; here is the site I usually use: http://whatismyipaddress.com/

1. Install Tor:

# USE="tordns" emerge -1v tor

(Actually, the more-recent versions of the tor package don’t require that USE flag but I’ve left it in as it does no harm.)

2. Install Vidalia:

# cd /usr/portage/distfiles/
# wget --no-check-certificate https://www.torproject.org/dist/vidalia/vidalia-x.y.z.tar.gz
# USE="tor" emerge -1v vidalia

Use the current version x.y.z of the vidalia package in the package manager and https://www.torproject.org/dist/vidalia/

3. Install Polipo:

# emerge -1v polipo

4. Download polipo.conf

# cd /etc/polipo
# wget --no-check-certificate https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf

Edit April 21, 2013: The above URL is now:

https://gitweb.torproject.org/torbrowser.git/blob_plain/ae4aa49ad9100a50eec049d0a419fac63a84d874:/build-scripts/config/polipo.conf

5. Edit it and change proxyPort = 8118 to proxyPort = 8123

6. Copy it to /etc/polipo/:

# cd /etc/polipo
# cp /etc/polipo/config /etc/polipo/config.bak
# cp polipo.conf config

7. Configure Firefox:

Edit > Preferences > Network > Settings

Manual proxy configuration:

HTTP Proxy: 127.0.0.1 Port: 8123
SSL Proxy: 127.0.0.1 Port 8123

SOCKS Host: 127.0.0.1 Port 9051
SOCKS v5
No Proxy for: 127.0.0.1

8. Run Vidalia and then configure it:

$ vidalia &

a) Settings > Sharing

Select ‘Run as a client only’

b) Settings > Advanced

Select ‘Use TCP connection (ControlPort)’
Address: 127.0.0.1 9051

Tor Configuration File:
/home/fitzcarraldo/.vidalia/torrc

Data Directory:
/home/fitzcarraldo/.tor

c) Click on ‘Edit current torrc’ and make it:

# This file was generated by Tor; if you edit it, comments will not be preserved
# The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it
ControlPort 9051
ExitNodes {gb}
Log notice stdout
SocksListenAddress 127.0.0.1
StrictNodes 1

Note that I have specified “{gb}” above so that I am perceived by Web sites to be browsing in the UK even if I am in another country. But you can use a different country code if you want Web sites to perceive you are in another country. For example, “{us}” would make it look as if you are browsing in the USA.

9. Run Polipo:

$ sudo polipo

10. Surf to http://torcheck.xenobite.eu/ to check that you are now using a Tor exit node.

11. Surf to http://whatismyipaddress.com/ to check that your IP address has changed.

Follow

Get every new post delivered to your Inbox.

Join 50 other followers