OLE Nepal: Blog Development: Difference between revisions

From OLPC
Jump to navigation Jump to search
(Migrating content from OLE Blog)
 
No edit summary
Line 10: Line 10:


[[Image:Activities-2.jpg]]
[[Image:Activities-2.jpg]]

==Our Plans for the School Server==

[http://blog.olenepal.org/index.php/archives/123#more-123 Our Plans for the School Server]<br/>January 23rd, 2008 By: bryan

Below is an e-mail that I wrote to several of the OLPC mailing lists. It was supposed to
be a concise summary of the work we are doing on the school server but it ended up
being way to long. I have posted it here because blogs are perfect for overly long messages.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

The purpose of this e-mail is to let the wider OLPC community know what
we are planning for the school server in Nepal’s spring test school and
to solicit your ideas on what we can do better. Sulochan Acharya and I
are leading the work on the school server for the test school. If you
are interested to learn who the heck we are, skip to the end of this
e-mail.

Sorry for the overly long e-mail but I think Sulo and I and have not
been sharing enough of our ideas w/ the rest of the OLPC community. So
it was time for a brain dump
Our Ideas for the School Server
——————————-

===1. Backing up Student data and sharing information:===

We are looking to use WebDav to back up the individual student’s home
folder to the school server.

Sulo will work this week on stripping down Moodle to bare bones for
sharing materials and general content management. Right now we are
considering using one acct for everyone. We don’t have any existing
Moodle courses in Nepali so we aren’t looking to deliver courseware
through Moodle.

Apparently, the guys at OLPC India are using drupal for content mgt. I
like Drupal but it seems to offer way more than what we are looking to
do: Share files, share projects, share documents. We’d like to see how they are using it.

How do we store team projects for later use? Perhaps the Journal will
allow us to do this in the future but I have the impression that it is
still under heavy development. Perhaps, the journal already handles this
well and I am simply misinformed. Please disabuse me of any false
notions.

====Issues:====
1. Does the School Identity Manager support LDAP? LDAP support is
essential for integrating existing content management systems w/
the School Server.

2. How do students share team projects for later use? For example,
Laxmi and Arun are working on an essay together. Laxmi started
the document and then shared it through the mesh w/ Arun. Arun goes home and
wants to work on the paper by himself for a while. He is
connected to the mesh but Laxmi’s XO doesn’t appear in the mesh
view. Can he still edit the document?

===2. Digital Library===

There isn’t much Nepali digital content on the Internet so part of OLE
Nepal’s work will be to digitize poems, literature, histories, etc. and
store them “somewhere.” Finding the right “somewhere,” turned out to be
more difficult than we thought. We needed a repository that could
support multiple front-ends, w/ simpler front-ends for novice users and
more complex front-ends for the people that will load content into the
repository.

This may sound like overkill to a lot of people but that is because they
are accustomed to the abundance of materials in their own language on
the Internet and/or access to physical libraries. There are very, very
few public libraries in Nepal and Nepali-language materials on the
Internet are quite limited. We don’t want to have to change out the
back-end repository 6 or 12 months from now if we choose something that
can’t scale.

We looked at Dspace and Eprints before settling on the fedora repository
server www.fedora-commons.org, not to be confused w/ fedora Linux. We
like fedora because it is a very powerful back-end repository that is
very scalable, up to 10 million objects. It is a true web service that
is decoupled from the front-end. We wouldn’t be telling the full truth
if we didn’t admit that we chose fedora in part due to the awesome
implementation of it by the Encyclopedia of Chicago
http://www.fedora-commons.org/about/outreach.php#video

We need to support multiple representations of a single object w/ in the
repository. For example, we need to allow users to access Nepal’s
constitution as both a .pdf file and as an .xol bundle. We have to
support non .xol bundles because we want people w/out XO’s to still be
able to access the library. Fedora lets us do this.

The problem w/ the fedora is that the off-the-shelf user interfaces are
fairly difficult to set up and maintain. Right now we are using
“Fez” http://dev-repo.library.uq.edu.au/wiki/index.php/Main_Page
It is a great front-end but was fairly time-consuming to install and
customize the interface.

Since the installation and maintenance of a fedora repository is fairly
complex we will try to use a centralized server and smart caching on the
school servers.

Matt Zumwalt of MediaShelf http://www.yourmediashelf.com/ has been
extremely helpful to us in working w/ fedora. I need to enlist his help
to figure out how to represent .xo and .xol bundles in the fedora
repository.

====Issues for the Digital Library:====
1. We will need the School Server to aggressively support caching
of requests from the library

2. The .info file format for content and activity bundles is not
XML. Ivan told me recently, “XML is a solution to a problem that
doesn’t exist.” Perhaps he and Eric Raymond are right, but we
need to a way to represent .xol metadata in the fedora
repository

3. .XO bundles don’t currently support Dublin Core metadata, the
standard for digital archives. I will be discussing this later
this week w/ SJ. For more about Dublin Core, read here
http://dublincore.org/documents/usageguide/#whatis

4. We need LDAP support on the School Server so users can access
their stored searches and virtual “book bag” of previously
accessed materials.

===3. What our team needs===

—————
Hardware:
10 more XO’s
2 active antennas

We really need about 10 more XO’s and 2 active antennas. I will be in Cambridge this Thursday and Michailis has generously already offered to
give me two. We really need more XO’s to test out the mesh and for our
development team of 4 people. I believe that Sulo is filling out the XO
request as I write this e-mail.

Our development team does way too little testing of our activities on
actual XO’s because we only have 2 working XO’s at the moment. The
result is that we don’t diagnose performance problems for our activities
until far too late in the development cycle.

===About us:===
———-
Open Learning Exchange Nepal is a local Nepali NGO that is part of the
grassroots OLPC community in Nepal. We have an agreement w/ the govt of
Nepal to help them implement OLPC at a Nepali school this April and
later in the fall at a larger # of schools. Sulochan Acharya and I are
working on the school server. Dev Mohanty of Nepal Wireless may also
spend a lot of time working on it w/ us.
There is also a development team at OLE Nepal of 4 people working
full-time on constructivist EToys for Math and English. They are working
hard to involve students, kids, and teachers in developing more
activities.

There is also the larger FOSS community that is contributing to OLPC in
Nepal. If you want to know more go to www.olenepal.org

There’s more that we are working on but don’t have to time to write
about right now. Thanks for reading to the end of this message!
Any comments, suggestions, ideas, or constructive criticism would be most appreciated.

Bryan Berry<br/>OLE Nepal<br/>[http://www.olenepal.org www.olenepal.org>]

==School Server Network Structure With Squid==

[http://blog.olenepal.org/index.php/archives/138#more-138 School Server Network Structure With Squid]<br/>February 12th, 2008 By: Sulochan Acharya

[[Image:school-squid1.gif|Squid Image]]

Here is the network structure for the school server with proxy setup.

# vi /etc/sysctl.conf

make
net.ipv4.ip_forward = 1
service network restart

Then ip-forwarding through ip-tables

# iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
# iptables –append FORWARD –in-interface eth2 -j ACCEPT

squid

install and cofigure squid

——————–squid.conf————————————-

http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
access_log /var/log/squid/access.log squid
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
# Add more acl rules here if we want more
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
acl lan src 192.168.0.113 192.168.1.0/24
http_access allow localhost
http_access allow lan
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname sugaroffice.ole
always_direct allow all
coredump_dir /var/spool/squid

Direct port 80 requests to squid listen port (On the machine runnning the cache server)

iptables -t nat -A PREROUTING -i eth2 -p tcp –dport 80 -j DNAT –to 192.168.0.113:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128

Comments , corrections and ideas are welcome.

==How to (hack) customize a built for XO==

[http://blog.olenepal.org/index.php/archives/183#more-183 How to (hack) customize a built for XO]<br/>March 23rd, 2008 By: Sulochan Acharya

===The problem we faced:===
We needed a customized built for all our XOs that would have the default language set to Nepali, the default jabber server set to a local server, a set of activities to match the grade level of students, and some other stuff. We’ve been harassing OLPC developers to get a script that would do all this on install time so that we didn’t have to manually do this on every machine. Also, we wanted to make sure that a teacher with limited technical knowledge should be comfortable in re-flashing the XO if/when needed.
===The solution:===
After playing with it for a little bit and with some help from Ties, I figured out a really easy way to achieve this custom built (provided that you can get into the firmware). Well, not really a custom built—but will do the job just fine.
===Here is how:===
Get a XO and install the activities you want and change the language and jabber server to match you needs.
You can use the USB method or use sugar command to install activities.

To change your jabber server by editing the default sugar profile
Change the language to your language by either editing the .i18n file or by using sugar-control-panel -s language <your language> command.
Now, go to /home/olpc/.sugar/default directory, and delete a file named config . The reason to do this is so that next time you use this image on other XO s they can put in their own nickname and not have to use your name. This is the file that will be checked by sugar to see if a user named is configured, if this file is not present, it will prompt you to give your XO a name and choose color etc.

Next reboot the XO , press the x button and get into the firmware.

Now make a nand image of this machine on a USB stick with the save-nand command. It will create a img and a crc file associate with the image.

Wa la …we got what we wanted. An image that can be installed on our XO with the language, activities and server we wanted. All we have to do is just install this image on all other XO s to get the exact same settings. This simplified the process, and is pretty easy for everyone to do. We are using 698 built as a base so we still had to go the firmware and do a copy-nand to install the image. It will be great if someone can make a fs.zip for this built so that the whole process of installing goes back to pressing four game keys.

What are the drawbacks of doing this? I don’t know :)!! If anyone does leave a comment.

Let me know what you guys think.

===Important Comment===
Bryan Berry // Mar 23, 2008 at 6:23 pm

Hey dude! You forgot to mention how you changed the default Jabber server.

To change the Default Jabber server, change the variable DEFAULT_JABBER_SERVER to your Jabber server in the file
/usr/lib/python2.5/site-packages/sugar/profile.py

an

==School Network Update==

[http://blog.olenepal.org/index.php/archives/223#more-223 School Network Update]<br/>April 1st, 2008 By: Dev Mohanty

Over the last few of weeks the networking team has been working hard in getting together a concrete plan, to connect the pilot schools. The network had to be both cost effective as well scalable. So, with all the options available it was decided to connect the schools and the relays over Wireless with cheap point to point Wi-Fi radios from the Kathmandu Valley.

First we conducted field visits to the schools and the Dept of Education (DOE) in the valley and the surrounding area to collect GPS data. Which helped us a great deal with the network design and also chart out the various relay points we could use in places where we didn’t have direct line of sight with other network nodes.

We are using Deliberant brand of radios for the point-to-point connection to the Department of Education. The radio have an effective bandwidth 8 Mbps in the 802.11b standard. The radios from the schools are transmitting at an air distance of 4 km to the DOE located in the valley, which is right next to the international airport, so we’d figured we would be having interferences.

[[Image:DOE_2_Schools1.jpg|DOE relaying to schools]]

We are using 12 dbi omni-directional antennas from Deliberant Networks, on-site at both schools, powere by a DLB2701 radio. We decided not use the Active Antennas, as they didn’t quite perform upto our expectations. The 250 mw radio is the access point for the XO’s. It costs roughly 150 USD and has a range of 12 km in ideal conditions. We also do not intend to use VSAT for any of Nepal’s pilot schools. Though installation is not terribly expensive but monthly bandwidth charges are prohibitively expensive when compared with the cost of long-range wifi networks, as pioneered by Nepal Wireless Project.

[[Image:School_network.jpg|School Network]]

Below is the connectivity diagram between OLE-DOE and the pilot schools. DOE is connected to Ratobangla School in the valley over Canopy radios. And further relays to both schools with a 19dbi Deliberant radio. The radio at DOE is being used as a point to multi-point radio, as it connects to both schools simultaneously. Since both schools do not have a direct line of sight with DOE, we are using relay centres about 100 meters away from the school buildings. OLE is connected to Ratabangla school over a VLAN network installed by Subisu Network, connected at 1/1 Mbps intranet and 256/160 Kbps internet access shared with both schools.

The school servers would be installed on-site at both schools, while we have a proxy and the E-library setup at DOE. We would also be setting a cache server at DOE to save on the bandwidth and plan to monitor usage from OLE across the network while also uploading new educational material as and when ready.

[[Image:olen.jpg|OLE Network]]

Below are some of the daily notes taken down while setting up the network.

===DOE===

====15th March 08 Update====

We got an 16dbi Deliberant installed at DOE. Being a hazy day, the hills where the schools were located were pretty much next to not being visible. So getting the angles right was all the more challenging, as this relay needs to be broadcasting to both schools simultaneously. And unlike a Canopy a Deliberant radio can broadcast to different relays within an angle of 60-70 degrees. So let’s hope we’ve got it right, which we’d know once at Bashuki.

====19th March 08 Update====

We installed an 19dbi Deliberant at DOE and removed the 16dbi radio. We’re now connected to the school at 70 dbm Rssi and 0% packet loss, which is just what we needed.

===Bashuki School:===

Right on the hill-top there is an army base which is about a 100 yards away from the School. The army base has direct line-of-sight with the Department of Education, in a range of 3-4 km air distance.

We plan to mount a Point-to-Point radio for Bashuki School either at the adjacent Military Post or on a tree situated on a high hilltop. The radio located near Bashuki will connect to a multi-point radio located at the Department of Education, 8 km (by road) east of the school and in direct line of sight.

====[25th March 08 Update]====

[[Image:rabi_n_mahabir.jpg|Rabi and Mahabir clamping CAT6]]

We were back to the school to complete this end of the networking. Which required us to fix a relay from DOE at the Army outpost and get it connected to the school and also setup an omni antenna as an AP for the XOs. After half an hour of diplomatic talk with the Army officer in-charge of the barrack, we were finally allowed to setup it up. Since we could not use power from the barrack. We decided to run a cat5 cable across to the school about 100 mtrs away to power up the radio over POE from the switch at the school. For certain reasons the 16di radio refused to power up, and we had to use the 19dbi radio instead as the relay which gave connectivity at 72 dbm rssi 0% packet loss. That was the highlight of the day, as the omni radio too refused to power up, so we didn’t get to install it.

[[Image:army_camp.jpg|Setting radio at the Army Camp]]

Prior to leaving we did install a battery and an UPS with the XS connected to the switch, though it all needs to be thoroughly tested. Maybe in a couple of days, when I get there next to install the omni radio.

===Bishwamitra School:===

The school itself is a bad location for our long range antenna as it is nestled into the hillside. It does not have line-of-sight with the Department of Education. Instead we are using a house located on the hill opposite the school as a Relay site.

The owner of this house has generously agreed to let us mount our network equipment on his house. We will place the Point-to-Point antenna in the topmost window, which has a line-of-sight view with our Multi-point radio at the Department of Education. We will place our omni-directional antenna on the lower part of the roof facing towards the school. This house is roughly 100 meters from the school. We will have to test the signal strength within the classrooms. If it is too weak, we will run a Cat 6 cable down to the school. We also like putting the antenna in the house because the antenna will less likely be stolen.

[[Image:bishwa_antenna_house_small1.jpg|Relay house at Bishwamitra]]

====[16th March 08 Update]====

We headed off to Bishwamitra School, this time we were accompanied by Mahabir Pun, Rabi & Sulochan. Mahabir had been approached by a TV company, who needed some shots of him working on site for an ad campaign. So we decided to to club in and take the crew to Jyamirkot as we needed to install a couple of radios there for the school.

It was an hours ride to the base of the hill and a 15 mins trek up with all the equipment. We were welcomed by the school authorities, who got busy right away arranging for electricity for the house where we’d decided to get the radios installed. Believe this house had not been inhabited in quite a while and was completely empty.

We had a jolly good time unpacking and getting the radios fixed up while the film crew was busy shooting us at it and with our brilliant acting skills, the crew needed no retakes! Once they had their shots we got to some serious work.

[[Image:mahabir.jpg|Mahabir fixing the radio]]

The 16dbi radio got fixed at the window looking out to the valley below, where DOE is located. Once installed we were able to connect to the other radio at DOE which had just been fixed the previous day. Though it needed a lot of tweaking to improve the signal and at best we got connectivity at 84 dbm rssi with 10% packet loss. So we decided that the radio at DOE needed a bit more tweaking or we might have to be change it to a 19dbi Deliberant radio. As Kathmandu International Airport happens to be right next to DOE, we’re assuming it might be causing a lot of interference and hence the packet loss.

[[Image:rabi_n_sulo1.jpg|Rabi and Sulo fixing Omni]]

Rabi and Sulo got the Omni antenna fixed by the side of house facing the school. This 12dbi antenna is attached to a DLB2701 access point, which is a 250 mw radio. Sulo had taken a XO with him to test the AP range and was satisfied with the signal around the school and the village. If required we would also enhance the signal by adding a reflector to the omni facing the school to make it work as a sectoral antenna.

With the omni working out to our expectations, we’re glad that we didn’t have to use the CAT6 cables that we had taken along with us. As it would have been a herculean task having to connect it all the way to the school from the relay.

Revision as of 08:02, 22 May 2008

Development

New Activities-Screenshots

New Activities-Screenshots
December 14th, 2007 By: Sulochan Acharya

Here are a few screenshots of our new activities.

Activities-1.jpg

Activities-2.jpg

Our Plans for the School Server

Our Plans for the School Server
January 23rd, 2008 By: bryan

Below is an e-mail that I wrote to several of the OLPC mailing lists. It was supposed to be a concise summary of the work we are doing on the school server but it ended up being way to long. I have posted it here because blogs are perfect for overly long messages.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

The purpose of this e-mail is to let the wider OLPC community know what we are planning for the school server in Nepal’s spring test school and to solicit your ideas on what we can do better. Sulochan Acharya and I are leading the work on the school server for the test school. If you are interested to learn who the heck we are, skip to the end of this e-mail.

Sorry for the overly long e-mail but I think Sulo and I and have not been sharing enough of our ideas w/ the rest of the OLPC community. So it was time for a brain dump Our Ideas for the School Server ——————————-

1. Backing up Student data and sharing information:

We are looking to use WebDav to back up the individual student’s home folder to the school server.

Sulo will work this week on stripping down Moodle to bare bones for sharing materials and general content management. Right now we are considering using one acct for everyone. We don’t have any existing Moodle courses in Nepali so we aren’t looking to deliver courseware through Moodle.

Apparently, the guys at OLPC India are using drupal for content mgt. I like Drupal but it seems to offer way more than what we are looking to do: Share files, share projects, share documents. We’d like to see how they are using it.

How do we store team projects for later use? Perhaps the Journal will allow us to do this in the future but I have the impression that it is still under heavy development. Perhaps, the journal already handles this well and I am simply misinformed. Please disabuse me of any false notions.

Issues:

1. Does the School Identity Manager support LDAP? LDAP support is essential for integrating existing content management systems w/ the School Server.

2. How do students share team projects for later use? For example, Laxmi and Arun are working on an essay together. Laxmi started the document and then shared it through the mesh w/ Arun. Arun goes home and wants to work on the paper by himself for a while. He is connected to the mesh but Laxmi’s XO doesn’t appear in the mesh view. Can he still edit the document?

2. Digital Library

There isn’t much Nepali digital content on the Internet so part of OLE Nepal’s work will be to digitize poems, literature, histories, etc. and store them “somewhere.” Finding the right “somewhere,” turned out to be more difficult than we thought. We needed a repository that could support multiple front-ends, w/ simpler front-ends for novice users and more complex front-ends for the people that will load content into the repository.

This may sound like overkill to a lot of people but that is because they are accustomed to the abundance of materials in their own language on the Internet and/or access to physical libraries. There are very, very few public libraries in Nepal and Nepali-language materials on the Internet are quite limited. We don’t want to have to change out the back-end repository 6 or 12 months from now if we choose something that can’t scale.

We looked at Dspace and Eprints before settling on the fedora repository server www.fedora-commons.org, not to be confused w/ fedora Linux. We like fedora because it is a very powerful back-end repository that is very scalable, up to 10 million objects. It is a true web service that is decoupled from the front-end. We wouldn’t be telling the full truth if we didn’t admit that we chose fedora in part due to the awesome implementation of it by the Encyclopedia of Chicago http://www.fedora-commons.org/about/outreach.php#video

We need to support multiple representations of a single object w/ in the repository. For example, we need to allow users to access Nepal’s constitution as both a .pdf file and as an .xol bundle. We have to support non .xol bundles because we want people w/out XO’s to still be able to access the library. Fedora lets us do this.

The problem w/ the fedora is that the off-the-shelf user interfaces are fairly difficult to set up and maintain. Right now we are using “Fez” http://dev-repo.library.uq.edu.au/wiki/index.php/Main_Page It is a great front-end but was fairly time-consuming to install and customize the interface.

Since the installation and maintenance of a fedora repository is fairly complex we will try to use a centralized server and smart caching on the school servers.

Matt Zumwalt of MediaShelf http://www.yourmediashelf.com/ has been extremely helpful to us in working w/ fedora. I need to enlist his help to figure out how to represent .xo and .xol bundles in the fedora repository.

Issues for the Digital Library:

1. We will need the School Server to aggressively support caching of requests from the library

2. The .info file format for content and activity bundles is not XML. Ivan told me recently, “XML is a solution to a problem that doesn’t exist.” Perhaps he and Eric Raymond are right, but we need to a way to represent .xol metadata in the fedora repository

3. .XO bundles don’t currently support Dublin Core metadata, the standard for digital archives. I will be discussing this later this week w/ SJ. For more about Dublin Core, read here http://dublincore.org/documents/usageguide/#whatis

4. We need LDAP support on the School Server so users can access their stored searches and virtual “book bag” of previously accessed materials.

3. What our team needs

————— Hardware: 10 more XO’s 2 active antennas

We really need about 10 more XO’s and 2 active antennas. I will be in Cambridge this Thursday and Michailis has generously already offered to give me two. We really need more XO’s to test out the mesh and for our development team of 4 people. I believe that Sulo is filling out the XO request as I write this e-mail.

Our development team does way too little testing of our activities on actual XO’s because we only have 2 working XO’s at the moment. The result is that we don’t diagnose performance problems for our activities until far too late in the development cycle.

About us:

———- Open Learning Exchange Nepal is a local Nepali NGO that is part of the grassroots OLPC community in Nepal. We have an agreement w/ the govt of Nepal to help them implement OLPC at a Nepali school this April and later in the fall at a larger # of schools. Sulochan Acharya and I are working on the school server. Dev Mohanty of Nepal Wireless may also spend a lot of time working on it w/ us. There is also a development team at OLE Nepal of 4 people working full-time on constructivist EToys for Math and English. They are working hard to involve students, kids, and teachers in developing more activities.

There is also the larger FOSS community that is contributing to OLPC in Nepal. If you want to know more go to www.olenepal.org

There’s more that we are working on but don’t have to time to write about right now. Thanks for reading to the end of this message! Any comments, suggestions, ideas, or constructive criticism would be most appreciated.

Bryan Berry
OLE Nepal
www.olenepal.org>

School Server Network Structure With Squid

School Server Network Structure With Squid
February 12th, 2008 By: Sulochan Acharya

Squid Image

Here is the network structure for the school server with proxy setup.

  1. vi /etc/sysctl.conf

make net.ipv4.ip_forward = 1 service network restart

Then ip-forwarding through ip-tables

  1. iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
  2. iptables –append FORWARD –in-interface eth2 -j ACCEPT

squid

install and cofigure squid

——————–squid.conf————————————-

http_port 3128 transparent hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache access_log /var/log/squid/access.log squid hosts_file /etc/hosts refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 # https, snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp

  1. Add more acl rules here if we want more

acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost acl lan src 192.168.0.113 192.168.1.0/24 http_access allow localhost http_access allow lan http_access deny all http_reply_access allow all icp_access allow all visible_hostname sugaroffice.ole always_direct allow all coredump_dir /var/spool/squid

Direct port 80 requests to squid listen port (On the machine runnning the cache server)

iptables -t nat -A PREROUTING -i eth2 -p tcp –dport 80 -j DNAT –to 192.168.0.113:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128

Comments , corrections and ideas are welcome.

How to (hack) customize a built for XO

How to (hack) customize a built for XO
March 23rd, 2008 By: Sulochan Acharya

The problem we faced:

We needed a customized built for all our XOs that would have the default language set to Nepali, the default jabber server set to a local server, a set of activities to match the grade level of students, and some other stuff. We’ve been harassing OLPC developers to get a script that would do all this on install time so that we didn’t have to manually do this on every machine. Also, we wanted to make sure that a teacher with limited technical knowledge should be comfortable in re-flashing the XO if/when needed.

The solution:

After playing with it for a little bit and with some help from Ties, I figured out a really easy way to achieve this custom built (provided that you can get into the firmware). Well, not really a custom built—but will do the job just fine.

Here is how:

Get a XO and install the activities you want and change the language and jabber server to match you needs. You can use the USB method or use sugar command to install activities.

To change your jabber server by editing the default sugar profile Change the language to your language by either editing the .i18n file or by using sugar-control-panel -s language <your language> command. Now, go to /home/olpc/.sugar/default directory, and delete a file named config . The reason to do this is so that next time you use this image on other XO s they can put in their own nickname and not have to use your name. This is the file that will be checked by sugar to see if a user named is configured, if this file is not present, it will prompt you to give your XO a name and choose color etc.

Next reboot the XO , press the x button and get into the firmware.

Now make a nand image of this machine on a USB stick with the save-nand command. It will create a img and a crc file associate with the image.

Wa la …we got what we wanted. An image that can be installed on our XO with the language, activities and server we wanted. All we have to do is just install this image on all other XO s to get the exact same settings. This simplified the process, and is pretty easy for everyone to do. We are using 698 built as a base so we still had to go the firmware and do a copy-nand to install the image. It will be great if someone can make a fs.zip for this built so that the whole process of installing goes back to pressing four game keys.

What are the drawbacks of doing this? I don’t know :)!! If anyone does leave a comment.

Let me know what you guys think.

Important Comment

Bryan Berry // Mar 23, 2008 at 6:23 pm

Hey dude! You forgot to mention how you changed the default Jabber server.

To change the Default Jabber server, change the variable DEFAULT_JABBER_SERVER to your Jabber server in the file /usr/lib/python2.5/site-packages/sugar/profile.py

an

School Network Update

School Network Update
April 1st, 2008 By: Dev Mohanty

Over the last few of weeks the networking team has been working hard in getting together a concrete plan, to connect the pilot schools. The network had to be both cost effective as well scalable. So, with all the options available it was decided to connect the schools and the relays over Wireless with cheap point to point Wi-Fi radios from the Kathmandu Valley.

First we conducted field visits to the schools and the Dept of Education (DOE) in the valley and the surrounding area to collect GPS data. Which helped us a great deal with the network design and also chart out the various relay points we could use in places where we didn’t have direct line of sight with other network nodes.

We are using Deliberant brand of radios for the point-to-point connection to the Department of Education. The radio have an effective bandwidth 8 Mbps in the 802.11b standard. The radios from the schools are transmitting at an air distance of 4 km to the DOE located in the valley, which is right next to the international airport, so we’d figured we would be having interferences.

DOE relaying to schools

We are using 12 dbi omni-directional antennas from Deliberant Networks, on-site at both schools, powere by a DLB2701 radio. We decided not use the Active Antennas, as they didn’t quite perform upto our expectations. The 250 mw radio is the access point for the XO’s. It costs roughly 150 USD and has a range of 12 km in ideal conditions. We also do not intend to use VSAT for any of Nepal’s pilot schools. Though installation is not terribly expensive but monthly bandwidth charges are prohibitively expensive when compared with the cost of long-range wifi networks, as pioneered by Nepal Wireless Project.

School Network

Below is the connectivity diagram between OLE-DOE and the pilot schools. DOE is connected to Ratobangla School in the valley over Canopy radios. And further relays to both schools with a 19dbi Deliberant radio. The radio at DOE is being used as a point to multi-point radio, as it connects to both schools simultaneously. Since both schools do not have a direct line of sight with DOE, we are using relay centres about 100 meters away from the school buildings. OLE is connected to Ratabangla school over a VLAN network installed by Subisu Network, connected at 1/1 Mbps intranet and 256/160 Kbps internet access shared with both schools.

The school servers would be installed on-site at both schools, while we have a proxy and the E-library setup at DOE. We would also be setting a cache server at DOE to save on the bandwidth and plan to monitor usage from OLE across the network while also uploading new educational material as and when ready.

OLE Network

Below are some of the daily notes taken down while setting up the network.

DOE

15th March 08 Update

We got an 16dbi Deliberant installed at DOE. Being a hazy day, the hills where the schools were located were pretty much next to not being visible. So getting the angles right was all the more challenging, as this relay needs to be broadcasting to both schools simultaneously. And unlike a Canopy a Deliberant radio can broadcast to different relays within an angle of 60-70 degrees. So let’s hope we’ve got it right, which we’d know once at Bashuki.

19th March 08 Update

We installed an 19dbi Deliberant at DOE and removed the 16dbi radio. We’re now connected to the school at 70 dbm Rssi and 0% packet loss, which is just what we needed.

Bashuki School:

Right on the hill-top there is an army base which is about a 100 yards away from the School. The army base has direct line-of-sight with the Department of Education, in a range of 3-4 km air distance.

We plan to mount a Point-to-Point radio for Bashuki School either at the adjacent Military Post or on a tree situated on a high hilltop. The radio located near Bashuki will connect to a multi-point radio located at the Department of Education, 8 km (by road) east of the school and in direct line of sight.

[25th March 08 Update]

Rabi and Mahabir clamping CAT6

We were back to the school to complete this end of the networking. Which required us to fix a relay from DOE at the Army outpost and get it connected to the school and also setup an omni antenna as an AP for the XOs. After half an hour of diplomatic talk with the Army officer in-charge of the barrack, we were finally allowed to setup it up. Since we could not use power from the barrack. We decided to run a cat5 cable across to the school about 100 mtrs away to power up the radio over POE from the switch at the school. For certain reasons the 16di radio refused to power up, and we had to use the 19dbi radio instead as the relay which gave connectivity at 72 dbm rssi 0% packet loss. That was the highlight of the day, as the omni radio too refused to power up, so we didn’t get to install it.

Setting radio at the Army Camp

Prior to leaving we did install a battery and an UPS with the XS connected to the switch, though it all needs to be thoroughly tested. Maybe in a couple of days, when I get there next to install the omni radio.

Bishwamitra School:

The school itself is a bad location for our long range antenna as it is nestled into the hillside. It does not have line-of-sight with the Department of Education. Instead we are using a house located on the hill opposite the school as a Relay site.

The owner of this house has generously agreed to let us mount our network equipment on his house. We will place the Point-to-Point antenna in the topmost window, which has a line-of-sight view with our Multi-point radio at the Department of Education. We will place our omni-directional antenna on the lower part of the roof facing towards the school. This house is roughly 100 meters from the school. We will have to test the signal strength within the classrooms. If it is too weak, we will run a Cat 6 cable down to the school. We also like putting the antenna in the house because the antenna will less likely be stolen.

Relay house at Bishwamitra

[16th March 08 Update]

We headed off to Bishwamitra School, this time we were accompanied by Mahabir Pun, Rabi & Sulochan. Mahabir had been approached by a TV company, who needed some shots of him working on site for an ad campaign. So we decided to to club in and take the crew to Jyamirkot as we needed to install a couple of radios there for the school.

It was an hours ride to the base of the hill and a 15 mins trek up with all the equipment. We were welcomed by the school authorities, who got busy right away arranging for electricity for the house where we’d decided to get the radios installed. Believe this house had not been inhabited in quite a while and was completely empty.

We had a jolly good time unpacking and getting the radios fixed up while the film crew was busy shooting us at it and with our brilliant acting skills, the crew needed no retakes! Once they had their shots we got to some serious work.

Mahabir fixing the radio

The 16dbi radio got fixed at the window looking out to the valley below, where DOE is located. Once installed we were able to connect to the other radio at DOE which had just been fixed the previous day. Though it needed a lot of tweaking to improve the signal and at best we got connectivity at 84 dbm rssi with 10% packet loss. So we decided that the radio at DOE needed a bit more tweaking or we might have to be change it to a 19dbi Deliberant radio. As Kathmandu International Airport happens to be right next to DOE, we’re assuming it might be causing a lot of interference and hence the packet loss.

Rabi and Sulo fixing Omni

Rabi and Sulo got the Omni antenna fixed by the side of house facing the school. This 12dbi antenna is attached to a DLB2701 access point, which is a 250 mw radio. Sulo had taken a XO with him to test the AP range and was satisfied with the signal around the school and the village. If required we would also enhance the signal by adding a reflector to the omni facing the school to make it work as a sectoral antenna.

With the omni working out to our expectations, we’re glad that we didn’t have to use the CAT6 cables that we had taken along with us. As it would have been a herculean task having to connect it all the way to the school from the relay.