https://pi-hole.net/

Pi-hole on Docker

Troubleshooting tips:
1. Custom blocking domain not working from web interface
- cp /etc/.pihole/gravity.sh /opt/pihole/
Some others scripts might need to be copy over.

2.Optimize DNS configuration
- vi /etc/dnsmasq.d/01-pihole.conf

cache-size=10000
local-ttl=300

Mikrotik Squid Ubuntu

Setup Requirement:

Mikrotik RB
Squid 3.5.12
Ubuntu 16.04 LTS

I am using Mikrotik router as default gateway for more than 5 years.
Due to insufficient bandwidth, an idea to set up Squid 3.5 as local cache to speed things up.

Client -LAN-> Mikrotik -NAT-> WWW
Squid -LAN-> Mikrotik -NAT-> WWW

Squid and client are both on the same LAN segment.

First method : Using NAT *Obsolete since Squid 3.2

Use Mikrotik built in NAT to forward HTTP request (port 80) from clients to Squid proxy.

DO NOT USE first method.

Second method : Using built-in mangle

Use Mikrotik built in mangle to mark www requests from all clients to use route to Squid proxy.

/ip route add check-gateway=ping distance=1 gateway=$your_squid_ip routing-mark=to-ext-proxy
/ip firewall mangle add action=mark-routing chain=prerouting comment="toproxy" dst-port=80 new-routing-mark=to-proxy protocol=tcp src-address=$your_LAN_ip/24

On your Squid server

route add default gateway 192.168.90.1
iptables -A PREROUTING -t nat -j REDIRECT -p tcp -s $your_LAN_ip/24 -d 0/0 --dport 80 --to-ports 3128

/etc/squid/squid.conf
http_port 3128 intercept
http_port 8080

Reference:
https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect
https://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute
http://myconfigure.blogspot.my/2013/03/squid-332-328-example-squidconf.html
http://www.fazar.net/external-proxy-server-mikrotik/

QNAP Container Station

Docker in QNAP Container Station

A very light weight virtual environment for sandbox.

Docker networks:

-Bridge
-Host
-None
-Qnet (*Available on QNAP CS only)

The first three networks are built into Docker. When you run a container, you can use the --network flag to specify which networks your container should connect to.

Containers connected to the default bridge network can communicate with each other by IP address.

The host network adds a container on the host’s network stack. There is no isolation between the host machine and the container. If you run a container that runs a web server on port 80 using host networking, the web server is available on port 80 of the host machine.

The none and host networks are not configurable in Docker. You can configure the default bridge network, as well as your own user-defined bridge networks.

QNAP Qnet Docker Command

With QNAP CS, you can also use Docker command to create a network that belongs to Qnet driver and run a container with --net argument.
I will say the above in English :
It means you can bridge docker network to host network!!
Both docker and host can reside on the same LAN segment, and looks like 2 machine. 

DHCP mode

Create a new network named qnet-dhcp-eth1.

    $ docker network create -d qnet --ipam-driver=qnet --ipam-opt=iface=eth1 qnet-dhcp-eth1

Static mode

Create a new network named qnet-static-eth1.

    $ docker network create -d qnet --ipam-driver=qnet --ipam-opt=iface=eth1 \
          --subnet=192.168.18.0/23 --gateway=192.168.18.254 qnet-static-eth1

Reference:

https://docs.docker.com/engine/userguide/networking/
https://qnap-dev.github.io/container-station-api/qnet.html
https://success.docker.com/KBase/Multiple_Docker_Networks

Obi110 Voip SIP ATA

Obi110 is a great VOIP ATA for those frequent traveler intent to keep in touch with buddys and family members back at home.

Let's take a look at this small little box with VOIP magic that save thousands of dollars for my IDD phone call.
 

你在不公正的情形下保持中立，那你其实已经选择站在压迫者的一边

“If you are neutral in situations of injustice, you have chosen the side of the oppressor. If an elephant has its foot on the tail of a mouse and you say that you are neutral, the mouse will not appreciate your neutrality.”

~~ By Desmond Tutu, South African cleric and activist who rose to worldwide fame during the 1980s as an opponent of apartheid.

“如果你在不公正的情形下保持中立，那你其实已经选择站在压迫者的一边。如果大象把它的脚压在老鼠的尾巴上，而你说你是中立的，沒有人会欣赏你中立的立场﹗”

～～ 图图

[曹軒賓]可惜不是你

這一刻　突然覺得好熟悉
像昨天　今天同時在放映
我這句語氣　原來好像你
不就是我們愛過的證據

差一點　騙了自己騙了你
愛與被愛不一定成正比
我知道被疼是一種運氣
但我無法完全交出自己

＊努力為你改變
卻變不了　預留的伏線
以為在你身邊　那也算永遠

彷彿還是昨天
可是昨天　己非常遙遠
但閉上我雙眼　我還看得見＊

＃可惜不是你　陪我到最後
曾一起走　卻走失那路口
感謝那是你　牽過我的手
還能感受那溫柔＃

那一段　我們曾心貼著心
我想我更有權利關心你
可能你　已走進別人風景
多希望　也有　星光的投影

REPEAT＊＃＃

感謝那是你　牽過我的

Yellow Xmas 2012@KLCC

Cleaning in progress!

21112012

Album of Memory (image in progress...)

旅-旅

National Museum
The oldest Museum in Singapore back to 1849. What a pity i just visit half of the Museum due to lack of time.

 High-end camera originally made by German company.

 Decoration of the Rotunda.

SriLanka - AUG2011 Ver2

Galle is the best example of a fortified city built by Europeans in south and southeast Asia.
The Galle fort is a world heritage site and the largest remaining fortress in Asia built by European occupiers.
In fact, Galle Fort just out beat Melacca Fort.
Journey from Mt. Lavinia to Galle Town
We drop by the seaside.
Grrr, i got my shoes deep in the seaside....

Along the road,
Sea Turtle @ Bentota South

Galle Town