MikroTik CHR installation on ESXi tutorial video just been put up!

Be sure to head over to my YouTube channel to check out the new MikroTik CHR tutorial video!

 

MikroTik RouterOS Hairpin NAT with dynamic WAN IP

In this video I go over my fairly well polished MikroTik RouterOS way of getting a hairpin NAT solution and ensuring it has the ability to adjust itself dynamically as and when your WAN IP changes.

It’s super easy, free and requires only a slight change in how you normally apply port forwards.

 

MikroTik Port forwarding tutorial

A short video on how you can do basic port forwarding using the MikroTik RouterOS operating system.

 

My good conscience seedbox

When you use the phrases torrenting, filesharing or p2p you generally get a 50/50 reaction. Half of the people have no idea what you are talking about and the other half recoil in shock on the assumption that you are illegally sharing files and content and that you will inevitably get caught!

Torrenting isn’t a bad thing if it’s done for the right reasons, recently I’ve had to download a couple of distributions and a piece of software that are distributed by wither direct http download from a list of hosting sites or had the option to download via a torrent which got me thinking. For all of the times I’ve downloaded and redownloaded various Linux versions, Ubuntu desktop, Ubuntu server, Raspbian and the likes. I’ve always just taken it for granted. Where as most people go out of the way to make sure the torrent box simply leeches I’ve actually gone out of my way to ensure it seeds, it doesn’t sound a lot or an especially heroic thing to do but I genuinely feel better about using the distributions I am doing knowing I’m helping to make them more available for other people like me.

Using Transmission to do my torrenting on a Ubuntu Server 16.04.3 VM I followed this guide with some minor adjustments to get the box running;
https://www.htpcbeginner.com/install-transmission-web-interface-on-ubuntu-1204/

Then just insured that the peers port was correctly forwarded to my aptly named machine “seeder”

seeding

Since starting it I’ve seen a slight increase in traffic on my upload stream but then having set some limiting and QoS on the router it doesn’t affect any of my daily on goings and “needful” operations.

MikroTik Easy and Simple DMZ

Whilst going through the MikroTik forums I noticed a post asking about DMZ, whilst this in itself is very easy if you know what you are doing with RouterOS. It may not be if you are new or not well versed in it. Below is my simple “one liner” to get a DMZ working to an IP of your choice. This should be relatively safe to use if you are on the LAN side as it will only push traffic coming to you through your WAN interface. Also note that it will not work for any local requests that need to go through NAT.

/ip firewall nat
add action=dst-nat chain=dstnat comment="DMZ rule [edit the \"in interface\" to your WAN connection and the \"to address\" to your LAN IP]." in-interface=WAN-IN to-addresses=192.168.1.50

Simple. More to come so you can actually get a handle on controlling other services that you may not want to go through the DMZ.

 

Quick site update

So I’ve not posted anything on my blog for a while. Life has been busy with the arrival of both another beautiful baby girl and the very recent furry baby girl. The family life has been fairly hectic. I have though been pressing on and doing a lot of cool Mikrotik oriented stuff, policy based routing, dynamic hairpin nat and I’ve also recently stepped over into the wonderful world of virtualisation and started my own CHR instance!

I’ve also had a huge internet service upgrade (thankyou so much to my ISP).

I have a few tutorials planned out and that are starting to hit the paper/screen and getting ready for polish. Tie that into a complete man cave rework and total redecoration and move around to try and enable me to make more and better video and streaming content.

Good stuff to come!

Adblocking done well with Pi Hole on Ubuntu Server 16

Adblocking is a bit of a love or hate thing on the internet. Ads do drive some companies and make websites viable and as users most prefer not to be bombarded by adverts for thing you’ll never use. Pi Hole is a brilliant little piece of software designed for blocking those aggravating adverts at DNS level so they never actually download to your PC. This is marketed as making your network faster but in all honesty, it just makes for a cleaner browsing experience.

I installed Pi Hole onto both my actual Ubuntu Server as well as my Virtual server so I have both DNS 1 & 2 running an adblocking service, I can tell you, it helps immensely on certain websites that have lots of pop ups.

Installation is ridiculously easy to do however just in case it’s detailed below, please note this is for a Ubuntu Server installation, mine being the 16.04.1 flavour;

curl -sSL https://install.pi-hole.net | bash

How difficult was that? You will need to make some more minor adjustments though;

Password to the web admin page;

pihole -a -p yourpasswordhere

Log into the web admin page at http://PIHOLE.IP.ADDRESS.HERE/admin and choose your DNS servers, I am using my ISP’s for mine as they are naturally the fastest to respond but you can use any of the preset options such as Google or OpenDNS or use your own custom option.

Change your DNS options, this can be done either at router level so all of your DNS traffic goes here or alternatively you can specify it manually from each device you want to have an ad free experience on. I’ve personally gone down the DHCP option as this gave the most hands free approach to deploying this.

Updating Pi Hole is also a nice easy 1 liner at the command line;

pihole -up

I’ve also taken this 1 step further by adding it to crontab to be run weekly;

sudo crontab -e

@weekly pihole -g

A clean and ad free internet experience without any serious tinkering, also a snazzy web interface to view your statistics.