Fix for Xbox 360 Open NAT on Linksys

Wednesday Feb 11, 2009

     Router Firmware should always be updated to the latest version if, for nothing else, than to ensure that the security of your network — even if nothing is connected that you’re worried about. Unfortunately, security breaches these days are a nuisance to the Internet as a whole as too many Internet-connected systems are becoming Keyloggers and Spam Zombies which can be used in concerted efforts to lodge both hacks and Denials of Service to other systems.

     Many people have complained about not being able to get the Xbox 360 with Xbox Live to recognize the Open NAT on the latest Linksys firmware. Unfortunately, many “gurus” have asked that people downgrade their firmware on Linksys WRT-based routers, a move which is both a bad idea for security purposes, and leaves other non-WRT Linksys routers without a solution.

     The easy way to get Open NAT on the Linksys is a bit obscure, and perhaps mislabeled in the Linksys interface. Open up the Browser interface to your Linksys (http://192.168.1.1/ if you left it as default), and go to your Security section. On the Filter tab, check the box beside “Filter NAT Redirect” and “Save” at the bottom.

     Now, on your Xbox 360, configured with Automatic settings (and not set in a DMZ like many “experts” have recommended), you should now have Open NAT.

Note: On some Linksys routers, the location of these options may change, but a dilligent search through the Web interface should reveal the options.  This solution also works for routers loaded with the much-improved DD-WRT firmware.

Tags : | add comments

Fix for Cpanel’s WHM PEAR Installer

Tuesday Jan 20, 2009

     In Cpanel, performing an EasyApache update to Apache 2.x & PHP 5.x breaks PEAR more often than not.  Cpanel admins and users are left with only the very basic PEAR modules, and are unable to use the Module Installer front-end due to error messages indicating that every package one attempts to install is invalid.
     Attempting to install Net_URL, for instance, results in the following:

downloading Net_URL-1.0.15.tgz …
Starting to download Net_URL-1.0.15.tgz (6,303 bytes)
…..done: 6,303 bytes
Could not get contents of package “/root/tmp/pear/cache/Net_URL-1.0.15.tgz”. Invalid tgz file.
Download of “pear/Net_URL” succeeded, but it is not a valid package archive
Error: cannot download “pear/Net_URL”
Download failed
install failed

     The problem is caused by differences in the way PHP 5.2.x parses code, and can be fixed by manually patching the listContent function in PEAR’s Archive_Tar package.  Open /usr/local/lib/php/Archive/Tar.php and look at the offending Line 220:

//            if (!$this->_extractList('', $v_list_detail, "list", '', '')) {
            $x = $this->_extractList('', $v_list_detail, "list", '', '');
            if (!$x) {

     We commented it out, and added two more lines.  Now, from both the command-line & WHM interface, everything magically works.

Note: In some instances (depending on your OS, Cpanel version & build options — multiple servers show no uniformity), you’ll have to make the same change to /usr/lib/php/Archive/Tar.php.

Tags : | add comments

Dual Fix for Ensim/Parallels PAM Modules

Monday Dec 1, 2008

/var/log/secure gets slammed with these errors every time anyone tries to connect to any service which requires authorization:

Deprecated pam_stack module called from service
     [servicename]
pam_env([servicename]:setcred):
     Unable to open env file: /etc/environment

The fix has been elusive, as Ensim continues to re-write the pam.d files, but running this script will take care of both issues posthaste.

Save this as /usr/local/sbin/fix_pam:

#!/bin/sh

# -----------------------------------------------------------------------------
#
# fix_pam ver 1.0a
#
# (c) Copyright 2007 Mark Steel / Catalyst IT. All rights reserved.
#
# This script may only be distributed unmodified.
#
# This script is intended to be used to fix the "depracated pam stack module"
# errors on servers and virtual hosts.
#
# NOTE: THIS SCRIPT IS NOT GPL
#
# -----------------------------------------------------------------------------

perl -i -p -e 's/required(.*)pam_stack.so service=system-auth/include\tsystem-auth/' /etc/pam.d/*
perl -i -p -e 's/pam_pwdb/pam_unix/' /etc/pam.d/*
perl -i -p -e 's/pam_env.so$/pam_env.so readenv=0/' /etc/pam.d/system-auth

perl -i -p -e 's/pam_env.so$/pam_env.so readenv=0/' /home/virtual/FILESYSTEMTEMPLATE/siteinfo/etc/pam.d/system-auth
VIRTUAL=`find /home/virtual/FILESYSTEMTEMPLATE -name pam.d`
for i in $VIRTUAL; do
perl -i -p -e 's/required(.*)pam_stack.so service=system-auth/include\tsystem-auth/' $i/*
perl -i -p -e 's/pam_pwdb/pam_unix/' $i/*
done

DOMAINS=`sitelookup -a site_root`
for i in $DOMAINS; do
perl -i -p -e 's/required(.*)pam_stack.so service=system-auth/include\tsystem-auth/' $i/etc/pam.d/*
perl -i -p -e 's/pam_pwdb/pam_unix/' $i/etc/pam.d/*
perl -i -p -e 's/pam_env.so$/pam_env.so readenv=0/' $i/etc/pam.d/system-auth
done

service saslauthd restart

Run once, and you’re golden.

Tags : | add comments

Website Redevelopment

Monday Nov 24, 2008

     After using the same site design for eight years, an executive decision has been made:

     It’s time to redesign and revamp our website!

     In coming days, you’ll find more information about our final re-branding under CatalystX and the more robust array of services we provide.

     Stayed tuned!

Tags : | add comments

Nine Year Anniversary Upcoming!

Sunday Nov 16, 2008

     As we approach our nine year Anniversary in January 2009, CatalystX is now proud to provide, a full range of services including Business and Technology consulting, on-site and remote Systems Administration, Web and Applications hosting, and New Media and Print graphic design services.

     Stayed tuned for more information and deals from CatalystX!

Tags : | add comments
Next Entries