I was recently asked how hard it would be to create a home network that is completely secure (as close as it gets anyways) from snooping ISPs or third parties so that the user can browse any site they want without risking anyone finding out about it. This means both tunneling all traffic through a VPN connection but also blocking any and all traffic that tries to get around the VPN. That is, no traffic should go directly to the ISP even if the VPN connection goes down.

There are several use cases for this, the most common probably being: 

  • Circumvent school or office firewalls.
  • Get around ISP blocks.
  • Peace of mind that no one can see what you are downloading.

The only downside to using a VPN is that your internet will be slightly slower, but if you use a good VPN provider you will only ever notice this if you are playing online action FPS games such as Counterstrike or Battlefield, for regular surfing or watching movies you will not notice any difference. 

What we are really doing is creating a secure tunnel through your ISP to the VPN redirecting all the traffic so that it seems to come from the VPN provider, leaving your ISP clueless to what you are doing and anyone on the internet only ever sees your VPN providers IP and never your real one.

BigImage 


Part 0: The requirements

To get this to work you need:

  1. A DD-WRT Mega compatible router (I am using a Asus RT-N16 that I had laying around).

  2. An account with a VPN provider that supports OpenVPN (don't use PPTP as it is not secure).
    I'm using Anonine, my favorite Swedish VPN provider. Heres a referal link if you want use them and support me: Anonine referal link.

  3. About 1 hour of your time.

 

Part 1: Configuring the VPN connection

I will assume that you have installed DD-WRT and are connected to the router at this point.

  1. Start by getting the Open VPN configuration files from your VPN provider. If you are using Anonine like me they are available here: https://anonine.com/en/account/server-info. Open the file you downloaded in wordpad or notepad (or whatever text editor you have handy).

    The file should look similar to this:

    BigImage

  2. Log into your router and Navigating to Services > VPN and Enable the OpenVPN Client.

  3. Using the configuration file from above configure the following OpenVPN settings. 

    • Copy IP/Name and Port (it is the part I have highlighted in my file above).
    • Check that your open VPN provider is using UDP as Tunneling Protocol (it should say "proto UDP" in the beginning of the file you downloaded, otherwise change it to TCP).
    • Enable NAT if it is not already enabled.
    • Set Hash Algorithm to SHA1


    This is what my OpenVPN client settings looked like after doing the above.

    BigImage

  4. Then, turn on Advanced options and enter the following in the Additional Config field.
    ns-cert-type server
    auth-user-pass "/tmp/auth.conf"
    persist-key persist-tun
    nobind 
    verb 2
  5. The next thing to do is to copy over the CA Certificate. In the configuration file you will have an area that looks similar to this, although the text between the Begin and end will be alot longer.

    BigImage

    Copy everything between the <ca></ca> tags including the begin and end text with their ---- lines and paste it into the CA Cert field.

    BigImage

  6. Click Save and Apply Settings at the botttom of the page

  7. Once this is done we need to create a file containing your username and password for the VPN service. Navigate to Administration > Commands and enter the following text, replacing username and password with your VPN providers username and password. Note that the newline between username and password is intentional.
    echo "username
    password" > /tmp/auth.conf 
    chmod 600 /tmp/auth.conf
  8. Click Save Startup 

  9. Next, navigate to Setup > Basic Setup and enter the DNS 8.8.8.8 or 8.8.4.4 (google DNS servers, or any other DNS you want) in the field Local DNS and Static DNS 1. You need to do this because once the VPN tunnel is up your local DNS will be blocked.

    BigImage

  10. Reboot your router using Administration > Management > Reboot Router button at the bottom of the page.

  11. Once the router has rebooted you can verify that the VPN connection is working by navigating to Status > OpenVPN. You should see something similar to this: 

    BigImage

  12. You can also verify that you are no longer disclosing your real ISP by browsing to http://whatismyipaddress.com/.

 

Part 2: Blocking all non VPN traffic

Once you have done all of the above steps you should be hidden behind a VPN. The VPN might however go down, and in such cases I wanted to make sure I am not leaking any information by accident. The solution for this is simple and called firewalls and iptables.

  1. Navigate to Administration > Commands on your router and paste the following code into the commands box.
    iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
    iptables -I FORWARD -i br0 -o vlan2 -j DROP
    iptables -I INPUT -i tun0 -j REJECT
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

    This will allow all connections between tun0 (the VPN) and br0 (your LAN) and also block all traffic between br0 and vlan2 (the WAN port)

  2. Press Save Firewall. The commands tab should look similar to the below picture.

    BigImage

  3. Reboot the router using Administration > Management > Reboot Router button at the bottom of the page.

  4. You can verify that this works by going to Services > VPN and disabling OpenVPN (your settings will not be lost). If everything worked out correctly you should no longer be able to browse to any websites. Enabling (and possibly rebooting) the router should allow you to browse websites again.

Format Currency in C#

2017-01-04 17:00 

Two methods for formatting currency in C#. 

The purpose being that you can throw a string containging a number in it and get out a nicely formatted string containing something you can present to a user.

Example of output.

var amountParsed = FormatCurrency("3123", "USD", true, "Not Known");
> 3 123 USD

var amountParsed = FormatCurrency("31.3", "USD", true, "Not Known");
> 31.30 USD

var amountParsed = FormatCurrency("12343", "USD", false, "Not Known");
> 12 343 USD

var amountParsed = FormatCurrency("XXX", "USD", false, "Not Known");
> Not Known

 

Code:

private static string FormatCurrency(string decimalStringValue, string currency, bool includeDecimals, string emptyPlaceHolder)
{
    if (string.IsNullOrEmpty(decimalStringValue) == false)
    {
        decimal decResult = 0;
        try
        {
            if (decimal.TryParse(decimalStringValue.Trim(), out decResult))
            {
                string formatted = FormatCurrency(decResult, currency, includeDecimals);
                return formatted;
            }
        }
        catch (Exception) {}
    }

    return emptyPlaceHolder;

private static string FormatCurrency(decimal decimalValue, string currency, bool includeDecimals)
{
    if (string.IsNullOrEmpty(currency))
        currency = "SEK";
 
    var decimalTemp = Math.Round(decimalValue, 2);
    var nfi = (NumberFormatInfo)CultureInfo.InvariantCulture.NumberFormat.Clone();
    nfi.NumberGroupSeparator = " ";
    string formatted = decimalTemp.ToString("#,0.00", nfi);
    if (includeDecimals == false)
    {
        if (formatted.LastIndexOf('.') >= 0)
            formatted = formatted.Substring(0, formatted.LastIndexOf('.'));
    }
 
    formatted = formatted.Trim() + " " + currency;
    return formatted.Trim();
}


Formatting numbers in general is something I disslike and if I have to do it I only want to do it once. So here is a small javascript function I wrote to format currencies with configurable thousand separator as well as number of decimals and what separator for decimals. It also lets you append a string to the end such as "SEK" if you wish to add some form of currency or symbol.

Here is an example of different outputs.

formatMoney('0', 2, '.', ' ', ' SEK')  > 0.00 SEK
formatMoney('', 2, '.', ' ', ' SEK')  > 0.00 SEK
formatMoney('1.23', 2, '.', ' ', ' SEK')  > 1.23 SEK
formatMoney('12345.009', 2, '.', ' ', ' SEK')  > 12 345.01 SEK
formatMoney('5234231.9', 2, '.', ',', ' USD')  > 5,234,231.90 USD


And the code itself.

var formatMoney = function(value, decimals, decimalSeparator, thousandSeparator, currencyString) {
   if (value == null || isNaN(value))
      return "";

   var decimals = isNaN(c = Math.abs(decimals)) ? 2 : decimals;
   var decimalSeparator = decimalSeparator == undefined ? "." : decimalSeparator;
   var thousandSeparator = thousandSeparator == undefined ? " " : thousandSeparator;

   var negativeSign = value < 0 ? "-" : "";

   var valueNoDecimals = String(parseInt(value = Math.abs(Number(value) || 0).toFixed(decimals)));

   var spacingStart = 0;
   if ((valueNoDecimals.length) > 3)
      spacingStart = valueNoDecimals.length % 3;

   var leadingNumber = (spacingStart ? valueNoDecimals.substr(0, spacingStart) + thousandSeparator : "");
   var separatedMiddle = valueNoDecimals.substr(spacingStart).replace(/(\d{3})(?=\d)/g, "$1" + thousandSeparator);
   var decimals = (decimals ? decimalSeparator + Math.abs(value - valueNoDecimals).toFixed(decimals).slice(2) : "");

   var result = negativeSign + leadingNumber + separatedMiddle + decimals + currencyString;
   return result.trim();
};

Here is also a fiddle with the examples above: https://jsfiddle.net/zdsv09wc/

If you're curious as to whom uses what decimal separator there is a nice chart here explaining how everyone except the EU is wrong:
http://www.statisticalconsultants.co.nz/blog/how-the-world-separates-its-decimals.html


CRM Fielder

2016-11-18 14:36 

BigImage

 

This is a tool I've been creating over the last few months to simplify my work with Microsoft CRM. It's purpose is to expose and make it extremly quick to reach CRM Metadata such as entity names and  and field types etc.

The program currently has these functions implemented.

  • Search through all entities using logical or display names.
  • Search through all fields using logical or display names.
  • Search through both entities and fields at the same time finding any that match your query.
  • Display detailed information about specific fields
  • Generate enums that are copy paste ready for optionsets (se pictures below for examples).
  • Generate Excel documentation of entire CRM database metadata.
    • This includes all entities, both custom and standard
    • As well as all fields custom or not.
    • It lists all display names and field types.
    • Creates a separate sheet for all optionsets.
  • Lists all users and their guids (copy paste friendly for C#).

 

Read more about it and download here

 


Today I found out that you don't need a Mac if you want to debug a quirky looking web site on a iOS device.. something I did not think was possible..
But as it turns out this can quite easily be done using a windows 10 machine, a USB cable and an iOS device.

Here are the steps to do it.

Start out by getting these prerequisites: 

  • Install Itunes on your windows 10 Machine (there are drivers that come with it that we want) link.
  • Install Firefox link
  • Download iOS WebKit Debug Proxy Win32 but don't do anything with it yet. Make sure to take the x64 version if you have an x64 OS installed.
  • Have USB cable for you iOS device.

Once you have those things ready, enable debug mode in Safari on your iOS device by going to Settings > Safari > Advanced > Enable: Web Inspector.

SmallImage

Now connect you iOS device using a USB cable and make sure it comes up in ITunes, don't connect it through any type of USB hub (it refused to work through a HUB for me, and searching revealed several others had the same issue). 

Now unzip the iOS WebKit Debug Proxy Win32 into a folder of your choosing and run the .exe file. You might need to go through and unblock ALL the DLL files for it to work properly (open up their properties and click UNBLOCK, before I did this the console app just opened and closed with no error).

SmallImage

When you run the program you should see a console window with the following text. If you get errors here, make sure the device is connected and visible in Itunes and that it is unlocked. You might also want to try the x64 version if you are running the x86 version of the Webkit debug program. If that dosen't work, try disabling your firewall and see if that fixes it.

BigImage

Once you have the console app working, open up Safari on the iOS device and start Firefox. Press Shift + F8 to open up the firefox WebIDE. It should look something like this, you might want to open the Console as well as it might provide som insight into possible errors when connecting (Ctrl + Shift + K with the main firefox window active):

SmallImage

Now you might assume that you should press the Safari Firefox and others button in the WebIDE, and you can try. For me this just threw a bunch of annoying errors in the console. What you should press is Chrome Desktop, which oddly enough just worked right away.

There are a lot of people complaining about this not working here: https://github.com/mozilla/valence/issues/199 but as far as I can tell, as long as you press the Chrome button and not the Safari button it works.

The way this works is that you browse on the device as normal and in the Firefox WebIDE you can inspect the DOM and debug the scripts. When selecting a DOM element it is actually highlighted on the device too and updates and changes you make are reflected on the device as well. The network traffic itself seems to be unavailable though. 

SmallImageSmallImage