I managed to snag an old PowerBook G4 from the scrap heap. Problem is, 10.5 is the latest version of OSX to run on it, and the latest version of Microsoft Word doesn’t run on it either.

What’s a guy to do? Install Linux on it, of course.

I installed Ubuntu 12.04 LTS (long-term release).

First, download the ISO on this page:
http://cdimage.ubuntu.com/releases/12.04/release/

You are looking for the link that says:

Mac (PowerPC) and IBM-PPC (POWER5) desktop CD
For Apple Macintosh G3, G4, and G5 computers, including iBooks and PowerBooks as well as IBM OpenPower machines.

This is a live CD which is painfully slow, but should boot into a working desktop. The only caveat is that the wireless won’t work.

I used the button to install the live cd to the hard drive, then plugged a physical, wired network connection and ran:

sudo apt-get update
sudo apt-get install linux-firmware-nonfree

Then I rebooted the computer, because it makes me feel warm and fuzzy (it's probably not necessary).

After you reboot you can use the gui in the upper right corner to connect to a wireless network.

 

How do I update the system software?

Get to the command line, then run:

sudo apt-get update
sudo apt-get upgrade

To update all the packages.

 

How do I right-click on this thing?

Middle-click is mapped on F11

Right-click on F12.  You can also right-click by making a "two-finger tap" on the touchpad.

 

How do I get the sound to work?

You don't?  This site lists it as a known issue, and has a help link, but it was no help to me.

https://wiki.edubuntu.org/PowerPCKnownIssues

 

How do I remap Caps Lock to Control?
This isn't a standard thing, but I have no idea why.  HOW OFTEN DO YOU NEED TO TYPE IN ALL CAPS?  Basically never, but I use control all the time, especially as a programmer.

Add the lines below to a file called “.profile” under your home directory (create the file, if necessary):

if [ $DISPLAY ]
then
# Add the 3 lines below to Convert caps-lock into Control
xmodmap -e 'remove Lock = Caps_Lock'
xmodmap -e 'keysym Caps_Lock = Control_L'
xmodmap -e 'add Control = Control_L'
fi

 

How do I install Chrome?

You don't, there is no Chrome support for G4 (powerpc) processors.

 

How do I install Open Office?

You don't!  Apparently since Sun bought Oracle in 2010, Open Office is not under active development.  Instead, click on the shopping bag in the menu bar to open the Ubuntu Software Center, and search for LibreOffice (a fork of Open Office, which is under active development).

I inherited an old Request Tracker (RT) install, and I’ve been tasked with becoming the RT expert. The request-tracker package is a great little piece of software, but somewhere along the line the “10 highest priority tickets I own” widget in the dashboard stopped having functional links. The links appear, but the a href=” tag just didn’t have anything after the a. It looked like:
‘<a>__id__</a>/TITLE:#’, etc.

My Ticket URL’s are wrong! So, here’s the fix. I had to update the search whose results show in that Link Tickets box thingy.

1. On the “RT at a glance” dashboard, click “edit” in the upper right corner of the “10 highest priority tickets I own” box.
2. At the top of the page it says: “You can also edit the predefined search itself: Search – My Tickets” Search – My Tickets is a link, click on that link.
3. Click “Advanced” at the top of the page.
4. In the format box, make sure you have the following:
   ‘<a href=”/Ticket/Display.html?id=__id__”>__id__</a>/TITLE:#’,
   ‘<a href=”/Ticket/Display.html?id=__id__”>__Subject__<</a>/TITLE:Subject',
   ‘__Priority__’,
   ‘__QueueName__’,
   ‘__ExtendedStatus__’
   You probably just need to add the href… stuff in the link tag.
5. Click “Apply” in the lower right corner.
6. YOU’RE NOT DONE! Find the “Saved Searches” box on the right. Click the “Update” button.
7. Now if you click on “Home” in the upper left, the tickets in your top ten should be click-able.

What is NAT? It stands for Network Address Translation. It means that we can have a public IP outside the Cisco Firewall, and it will route traffic inside to the internal address we select. Of course, because it’s a firewall, we need to tell the ASA5055 what traffic to allow through the firewall to the inside address. The decision on what to allow through is based on what port the traffic is coming in on.

This is all very easy to do on consumer grade hardware, but it’s difficult to do on the ASA5505 using the Cisco ASDM. I’m going to go through the steps I went through to set up NAT and port forwarding using the ASDM software.

First, setting up NAT

1. Use the ASDM software to log into your device.
2. Click “Configuration” at the top, then “NAT” on the left.
3. Click “Add,” then select “Add Static NAT Rule…”
4. Under “Real Address” type the destination, or internal address. For example: “192.168.10.111”
5. Change Netmask to: “255.255.255.255”
6. Under “Static Translation,” change the Interface to: “outside.”
7. Enter the outside, routable IP which you want to use to access the device from outside the firewall.
8. Click “OK.”
9. Click “Apply.”

Allowing traffic through the firewall, or Port Forwarding

Now all packets which are allowed through the firewall and are addressed to the outside IP address we just named will be delivered to the internal IP address. So, to use our internal IP address as a server, we need to open the firewall to allow traffic to come to this device.

1. Click “Security Policy” on the left.
2. First, we are going to define the services we want to let through. Click the “Services” tab in the right pane.
3. You’ll see a list of pre-defined services. This is helpful (especially http and https), but there are probably services you’ll use that aren’t listed here.
   • Fileshares:
     Click “Add,” then TCP-UDP Service Group
     Type in a “Group Name” such as “fileshare.”
     Check the “Port #” radio button.
     Type in “137” to “139” and click the “Add >>” button.
     Next type in “445” to “445” and click the “Add >>” button.
   • Remote Desktop:
     Click “Add,” then TCP-UDP Service Group
     Type in a “Group Name” such as “remotedesktop.”
     Check the “Port #” radio button.
     Type in “3389” to “3389” and click the “Add >>” button.
   • SQL Connections
     Click “Add,” then TCP Service Group
     Type in a “Group Name” such as “sql.”
     Check the “Port #” radio button.
     Type in “3306” to “3306” and click the “Add >>” button.
4. Next, we want to define groups of IP addresses that are allowed to access different services. For our setup, we have a few subnets that are all allowed access to all services, but you might want to restrict more. You should create a group for each security level.
   • Click the “Addresses Tab.”
   • Click “Add” and select “Network Object Group…”
   • Choose a group name, for example: “office.”
   • Add the subnets you wish to allow. You probably want outside-network/24, which is the subnet of the units external interface. Click that and click “Add >>”
   • Enter new subnets by typing in the IP address as: “xxx.xxx.xxx.0” for example: “172.25.204.0”, and setting the Netmask to: “255.255.255.0” This will allow 172.25.204.1 through 172.25.204.254. click “Add >>”
     When you are done, Click “OK.”
5. Now to define which networks are allowed on which services.
   • Click “Security Policy” on the left and then in the center pane, click “Add.”
   • Change the Interface dropdown to “Outside” and make sure Direction says: “incoming.”
   • Under Source, change Type to “Network Object Group,” then select the group name we set previously.
   • Under Destination, click the “…” button by IP address, and select the outside, world-routable IP address of the device you wish to allow access to.
   • Change the Protocol dropdown to “tcp.”
   • Leave Source Port as “any.”
   • Under Destination Port, select the “Group” radio button.
   • In the dropdown, select the service group we previously defined.
   • Click OK.
   • Click “Apply.”
   • Now to save and reload the box, click ‘Tools/System reload’
   • Select ‘Save the running configuration at time of reload’
   • Click ‘Schedule Reload’

Update your server’s software firewall

Lastly, don’t forget to update the exceptions in the server’s software firewall!
If you were managing which subnets have access on the server’s software firewall, instead of doubling up your efforts you may choose to change the option to “Any computer” and let the Cisco ASA 5505 restrict by subnet. If not, you may still want to add the new internal subnet so that other servers behind the firewall can have access too.

***If your NAT isn’t working***

I used these directions to set up my NAT, but found that my NAT’ed addresses were not able to access network resources outside of the firewall. Luckily, if you are having that trouble, I posted my solution here!

If you haven’t done this yet or lack faith in your NAT setup, I have also posted instructions on how to set up a NAT on the Cisco ASA 5505.

After setting up my Cisco ASA5505 to perform NAT (Network Address Translation) I wasn’t able to access the server from outside the firewall. I also noticed that the Server behind the firewall was not able to access network resources outside the firewall. Using a packet sniffer, I determined that the Cisco device was sending the request packets out, and recieving responses from devices but not allowing those packets through the firewall.

Removing the server from the NAT rule by simply changing the NAT rules internal address IP and hitting apply allowed the server to instantly send traffic out. Using a whatismyip service showed that I was being identified by the firewall’s IP address.

There seems to be a bug in the Cisco firewall, because the “solution” is silly; change a setting and change it back.

1. Log into the ASA5505 using the Cisco ASDM software
2. Click “Configuration” at the top, then “Interfaces” on the left.
3. Select the “outside” interface and click “Edit.”
4. Select “Use static IP” and set the interfaces IP to the same as the outside IP address you’ve specified in your NAT Rule.
5. Click “OK,” then “Apply.” The device will take a few moments to change this setting.
6. Try to access a network service outside the firewall using your NAT’ed server. It should work!
7. Now, Click “Edit” again, and change the setting back to whatever you had there before.
8. Unbelievably, the NAT’ed server will still work AND your Cisco device will have the separate IP address you require. You haven’t changed any settings, but now it works!

If you have been mucking around in your Cisco ASA5505 and want to return to factory defaults using the ASDM management software, it’s pretty easy.

If you can’t use the ASDM, I have also have a write up for Resetting the Cisco asa 5505 Using the Console.

1. Click the “Wizards” drop down menu and select “Startup Wizard…”
2. Change the radio button to “Reset configuration to factory defaults.”
3. I suggest changing the management IP. This will change the subnet of devices behind the firewall. This is useful if you ever have to put another firewall device behind this device as some consumer grade devices make it a pain to change the internal subnet. You can use any non-routable IP, such as 192.168.x.1 where x is 1-254.
4. Click “Yes.”
5. After a few minutes, I got a status message with an ERROR. This is because the ASDM is trying to manage the device using the old IP.
6. Close the ASDM without saving, renew you DHCP lease and log in using the ASDM to the new address.
7. This doesn’t seem to reset the Enable password, so you’ll have to use that to login.