Category Archives: How To

Script to enable/disable DMZ on Linksys and Verizon routers

Your home Internet router gives you some protection against direct attacks on your computer by keeping your home network safely encapsulated. Each of your home computers can access the Internet (this is called NAT), but no outsider can access your computers directly. Outsiders only see the router. However, sometimes you want your computer to be “fully” online. Enter the “DMZ” feature of your router. Your router’s DMZ allows one of your computers to be fully exposed to the Internet (for better or worse).

Reasons to enable your DMZ:

  • Access your files while away from home.
  • Serve web pages from your computer.
  • Make BitTorrent transfers faster. BitTorrent transfers are usually faster when your computer is directly exposed to the Internet.

For my work at FamilyLink.com, I develop directly on my local machine. While working on our Facebook application, I need to allow Facebook servers to directly access my machine. (When you use a Facebook app, you’re accessing Facebook’s servers and Facebook servers are, in turn, accessing the developer’s server via a callback URL. While working on our Facebook app, Facebook directly accesses my local machine.) This requires me to open my machine to the DMZ.

Reasons not to enable your DMZ:

  • Your computer is more likely to be hacked
  • Your private data is more likely to be accessed

If you enable your DMZ, know which services are enabled on your machine and which files and data are being shared. There may be files you’re comfortable sharing on your local network that you wouldn’t want to share with the world. Only enable the DMZ as long as necessary.

Enabling the DMZ can be a pain — logging into your router and navigating to the correct setting — so I wrote the following Ruby scripts to make it easy. The first worked with the Linksys router I had. (I believe it was a WRT54G.) To use, fill in your router’s IP address and password, and your computer’s hardware address, then type “linksys_dmz.rb on” or “linksys_dmz.rb off” at the command-line. The script looks up your computer’s hardware address in the table of local IP addresses so the IP address can safely change from time to time.

#!/usr/bin/env ruby
# linksys_dmz.rb

router = '10.1.1.1'
user = 'admin'
pass = 'your_password'
hardware_address = '00:23:6C:00:00:00'

leases = `curl -su #{user}:#{pass} http://#{router}/DHCPTable.asp`
leases.scan(%r{'([^']+)', hardware_address}) do |m|
  ip_address = m[0].strip.to_s
  last_digit = ip_address.split('.').last
  if $*[0] == 'open' || $*[0] == 'on'
    post_values = "submit_button=DMZ&change_action=&action=Apply&dmz_enable=1&dmz_ipaddr=#{last_digit}"
    print "Opening DMZ to #{ip_address}\n\n"
  else
    post_values = "submit_button=DMZ&change_action=&action=Apply&dmz_enable=0"
    print "Closing DMZ\n\n"
  end
  `curl -su #{user}:#{pass} -e http://#{router}/DMZ.asp -d '#{post_values}' http://#{router}/apply.cgi`
end

Last year I switched to Verizon FIOS, which came with its own wireless router, so I had to write a new script. Again, fill in the password, then type “verizon_dmz.rb on” or “verizon_dmz.rb off” in Terminal. (This script assumes a 10.1.1.* network. Change it to 192.168.1.* if that’s what you have.)

As a side note, the Verizon router was a bit of beast to automate. It uses a hashed signature to try to enforce JavaScript-enabled browsers. Writing this script required using TamperData, Charles Proxy, and a lot of trial and error to discover which POST data were necessary.

I use this script to open the DMZ before working on our Facebook app, then I close it when I’m done for the day. Eventually, it’d be nice to find a way to enable the DMZ remotely — maybe via email or something.

#!/usr/bin/env ruby
# verizon_dmz.rb

require 'rubygems'
require 'mechanize'
require 'digest/md5'

user = 'admin'
pass = 'your_password'

localhost = `ifconfig`.scan(/inet (\d+\.\d+\.\d+\.\d+).*broadcast 10.1.1.255/).join
router    = localhost.gsub(/\d+$/,'1')

begin
    agent = Mechanize.new
    page = agent.get("http://#{router}:81")
rescue Exception
    abort "Unable to connect to Verizon Router! Check the IP address."
end

form = page.forms[0]
auth_key = form.fields.find {|f| f.name == 'auth_key'}.value
form.fields.find {|f| f.name == 'user_name'}.value = user
form.fields.find {|f| f.name == 'md5_pass'}.value = Digest::MD5.hexdigest(pass + auth_key)
form.fields.find {|f| f.name == 'mimic_button_field'}.value = 'submit_button_login_submit%3A+..'
form.method = "POST"
form.submit

post = {
    'dmz_host_cb_watermark' => '1',
    'dmz_host_ip0' => localhost.split('.')[0],
    'dmz_host_ip1' => localhost.split('.')[1],
    'dmz_host_ip2' => localhost.split('.')[2],
    'dmz_host_ip3' => localhost.split('.')[3],
    'active_page'  => '9013',
    'mimic_button_field' => 'submit_button_login_submit%3A+..',
}

if $*[0] == 'open' || $*[0] == 'on'
   post['dmz_host_cb'] = '1'
   puts "Opening DMZ to #{localhost}"
else
    puts "Closing DMZ"
end

agent.post('/index.cgi', post)

iPhone tip: Use a Silent Ringtone to Screen Calls in Your Sleep

Have you ever wished your iPhone would ring only when certain people call? Here’s how to do it:

  1. Download the “Silence” ringtone here: silence.m4r
  2. Copy this file into the Ringtones section of your iTunes. (Click to enlarge.)

    adding_ringtone_to_itunes
  3. Sync your iPhone with iTunes to load the ringtone.
  4. On your iPhone, change your ringtone to “Silence” (under Settings -> Sounds -> Ringtone). You’ll no longer hear your phone calls.

    2_iphone_silence_ringtone
  5. For each person whose calls you still want to hear, change his or her Custom Ringtone to something audible: Click the name in your contact list, choose Ringtone, then choose something besides Default

    3_iphone_important_caller 4_iphone_audible_ringtone

Now you can screen calls in your sleep. Because Sunday afternoons are for napping.

UPDATE (Apr 14, 2011): I haven’t used it, but MrNumber.com appears to be an interesting service for identifying phone numbers belonging to telemarketers and blocking them.

How to Save Voicemail Forever on Your Mac

With a combo of free Mac applications, you can record and save voicemails from your mobile phone.

You’ll need to install the following Mac applications:

skype Skype. You’ll use Skype to make a call to your mobile phone and listen to your voicemail. Though the app is free, you’ll need to buy Skype Credit to make a “Skype Out” call to your mobile phone.

 

audacity Audacity. You’ll use this free application to record your phone call.

 

soundflowerbed Soundflower and Soundflowerbed. This free system extension will connect Skype to Audacity. It’s like a laundry chute for audio; you can direct audio from any application to another. It does this by adding a pseudo “device” to your list of audio devices in System Preferences.

Instructions:

  1. Open Audacity, then Audacity Preferences. In the Audio I/O section, change the Recording device to Core Audio: Soundflower (2ch). audacity_preferences
  2. Open Skype, then Skype Preferences. Under the Audio tab, change Audio Output to Soundflower (2ch).
    skype_preferences
  3. Open Soundflowerbed in your menu bar, then under Soundflower (2ch), select Built-in Output. Soundflowerbed allows you to monitor the audio passing through Soundflower, like having a window into the laundry shoot to watch clothes that fall past.
    soundflower_preferences
  4. Back in Audacity, click the Record button to begin recording.

    audacity_record_button

  5. In Skype, make a call to your cell phone. When your greeting begins playing, press the sequence of keys that accesses your voicemail (probably the asterisk key followed by your password.) Listen to your voicemail as you normally would. Then hang up. skype_phonecall
  6. Switch back to Audacity and click the Stop button. You should see the zig-zaggy waveform of the message you just recorded.
    audacity_stop_button
    audacity_waveform
  7. Click the Audacity cursor directly before your message. (You can find out where this is by using the Play and Stop buttons.) From the Edit menu, choose Select then Track Start to Cursor. Push the Delete key on your keyboard. This will remove extraneous audio before your message. audacity_before
  8. Click the Audacity cursor directly after your message. From the Edit menu, choose Select then Cursor to Track End. Push the Delete key. This will remove extraneous audio after your message. audacity_after
  9. Choose Export from the File menu and save your voicemail. You can email it to a friend or save it in iTunes. audacity_export