Amazing A380 Traffic

While logging ADSB traffic around my area [ ~ 150 NM+ Coverage ] – I recorded 13 unique A380 registrations in less than 24 hours. Below is a log for reference.

REG Airline Date Squawk Type of Aircraft
9V-SKL Singapore Airlines 2014-12-05 17:14:34 7622 A388
9V-SKQ Singapore Airlines 2014-12-05 17:31:45 627 A388
9V-SKC Singapore Airlines 2014-12-05 18:33:29 3423 A388
HS-TUF Thai Airways International 2014-12-05 19:31:16 7612 A388
HS-TUB Thai Airways International 2014-12-05 19:39:49 2503 A388
D-AIMJ Lufthansa 2014-12-05 19:43:52 4626 A388
HS-TUE Thai Airways International 2014-12-05 21:17:46 6173 A388
HS-TUA Thai Airways International 2014-12-05 21:55:02 404 A388
9V-SKM Singapore Airlines 2014-12-05 22:10:25 2211 A388
9V-SKB Singapore Airlines 2014-12-05 23:12:07 2203 A388
D-AIMJ Lufthansa 2014-12-05 23:40:48 567 A388
D-AIME Lufthansa 2014-12-06 03:34:36 4614 A388
9V-SKR Singapore Airlines 2014-12-06 05:23:46 2046 A388

Howto :: LAMP Stack on Centos 7

Quick and Dirty install below!

Install HTTPD

sudo yum install httpd

Start and Enable Boot-Startup of httpd

sudo systemctl start httpd.service
sudo systemctl enable httpd.service

Install & Start / Boot-Start MariaDB ( A drop-in mysql replacement )

sudo yum install mariadb-server mariadb
sudo systemctl start mariadb
sudo systemctl enable mariadb.service

Secure Your MySQL Installation

sudo mysql_secure_installation

Add PHP & Mysql Support – Restart HTTPD

sudo yum install php php-mysql
sudo systemctl restart httpd.service

Optional Package Install – You can add PHP Extensions by using the ‘yum search’ command to find and ‘yum install’ to install.

yum search php-
sudo yum install pkg1 pkg2 etc.

Finally , Open up ports on FirewallD

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

Optional – mcrypt and imagemagick support

yum install ImageMagick ImageMagick-devel
yum install php-mcrypt*

Service Management Cheat Sheet :: CentOS 6 & 7

Below is a conversion document for Centos 6 to 7 Service Management!

service systemctl Description
service name start
systemctl start name.service
Starts a service.
service name stop
systemctl stop name.service
Stops a service.
service name restart
systemctl restart name.service
Restarts a service.
service name condrestart
systemctl try-restart name.service
Restarts a service only if it is running.
service name reload
systemctl reload name.service
Reloads configuration.
service name status
systemctl status name.service
systemctl is-active name.service
Checks if a service is running.
service --status-all
systemctl list-units --type service --all
Displays the status of all services.

Here’s a conversion for chkconfig

chkconfig systemctl Description
chkconfig name on
systemctl enable name.service
Enables a service.
chkconfig name off
systemctl disable name.service
Disables a service.
chkconfig --list name
systemctl status name.service
systemctl is-enabled name.service
Checks if a service is enabled.
chkconfig --list
systemctl list-unit-files --type service
Lists all services and checks if they are enabled.

Asterisk Config for PTCL SmartLink App

PTCL has recently launched an app called “SmartLink” , Which provides you access to your phone line over SIP , essentially providing landline access from anywhere.

Since the land-line I have is only used for DSL and SmartTV, I wanted to set it up on SIP , so I can access it from any device.

PTCL uses Huawei SoftX 3000 Soft Switches for this service , I have had experience on these switches from my previous jobs and I know that it requires PRACK support to start off , In addition , while configuring , I noticed that the user_agent also needs to be set to a certain value for the registration to be successful.

I used chan_pjsip and asterisk 13 for this setup. Below is the configuration that works!








fromdomain = SIPSERVER 
fromuser = USERNAME 
dtmfmode = rfc4733 
force_rport = yes 

[ptcl] type=identify 

Enable FaceTime on Your Middle-eastern iPhone/iPad

I was stuck with an iPhone purchased in the middle-east where Apple blocks FaceTime – Turns out that its just a matter of Carrier Bundles – Apple , from iOS 7 , started signing the carrier bundles , so they couldn’t be modified by end-customers , any modification would result in change of the signature with the modification over-written on reboot with a standard bundle. A developer team from china enabled modifications by releasing a com-center patch that allows an over-ride for the signature check.

You need to have a jail broken phone with Cydia installed.

1. First add the repo for chinasnow in cydia. The repo url is

2. Install com-center-for-ios-8 patch from the repo.

3. Reboot / Respring your phone

4. Open up iFile ( Can be installed from Cydia )

5. Edit /var/mobile/Library/CarrierBundle.bundle/carrier.plist ,  ( Use text viewer mode and click the Edit button to edit the file )

6. Add the following on the 5th line in the file,


7. Close the file and reboot your device.

You’ll have FaceTime available in the options and the FaceTime app icon will pop-up as well. If it doesn’t work , reboot again.


Ham Radio & Hamsphere

Since I have some time on my hands these days and I am playing mostly with SDR ( Software Defined Radio ) – I decided to read up on Ham Radio as well – Picked up the For Dummies guide and can’t put it down!

I searched around for something to start off, to practice while I am studying for my license and found Hamsphere ( – It’s a wonderful piece of software which emulates the radio waves virtually and I have fallen in love with it – My call sign is 48HS1452 ! Here are a few of the wonderful QSLs I have received today.


















Open VPN Installation on Centos 6.5

In a rush , so will jot down the steps only. You’ll need epel repo

On CentOS 6 , that will be

sudo rpm -Uvh epel-release-6*.rpm

Once that is done ,

1. yum install openvpn easy-rsa
2. mkdir -p /etc/openvpn/easy-rsa/keys
3. cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
4. vi /etc/openvpn/easy-rsa/vars

Modify these parameters to suit your need

# Don't leave any of these fields blank.
export KEY_PROVINCE="Punjab"
export KEY_CITY="Multan"
export KEY_ORG="LinuxPakistan"
export KEY_EMAIL=""
export KEY_OU="server"

5. cd /etc/openvpn/easy-rsa/
6. cp openssl-1.0.0.cnf openssl.cnf
7. source ./vars
8. ./clean-all
9. ./build-ca

Generating a 2048 bit RSA private key
writing new private key to 'ca.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [PK]: ----> Press Enter
State or Province Name (full name) [Punjab]: ----> Press Enter
Locality Name (eg, city) [Multan]: ----> Press Enter
Organization Name (eg, company) [LinuxPakistan]: ----> Press Enter
Organizational Unit Name (eg, section) [server]: ----> Press Enter
Common Name (eg, your name or your server's hostname) [server]: ----> Press Enter
Name [EasyRSA]: ----> Press Enter
Email Address []: ----> Press Enter

10. ./build-key-server server
11. ./build-key client ( if you want to use RSA Keys for Connectivity )

12. ./build-dh
13. cd /etc/openvpn/easy-rsa/keys/
14. cp dh2048.pem ca.crt server.crt server.key /etc/openvpn/
15. vi /etc/openvpn/server.conf

Use my configuration file from this post

And that should do it

IP Routing

vi /etc/sysctl.conf

Set the value of the parameter below to 1 to allow IP Packet Forwarding from VPN clients

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

Reload sysctl

sysctl -p

Finally some iptables magic to do the masquerading

iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE

Save and Restart the Firewall

service iptables save
service iptables restart

Mikrotik :: Winbox for OS X

One word – Mikrotik’s Amazing!

The only problem is that they don’t have administration utility for OS X – Which causes nuisance when you only have a MAC at hand for setting up the router / switch.

I built a Winbox app using Wine Bottler for OS X which doesn’t use the dedicated graphic card and saves batter life. If anyone needs a copy – ping me and I’ll upload it!


OpenVPN Configuration

Below is the configuration i use for OpenVPN server , It supports user / password authentication,TCP mode and disables TLS which is not supported by Mikrotik ( atleast for now )

port 1194
proto tcp
dev tun
tun-mtu 1420
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/ /etc/pam.d/login
push "redirect-gateway def1"
push "dhcp-option DNS"
push "dhcp-option DNS"
keepalive 5 30
status server-tcp.log
verb 5

Mikrotik OpenVPN Client Config

Following up on my previous post , Below is the configuration for setting up an OPENVPN Client on Mikrotik Router

 /interface openvpn-client add name="ovpn-out1" mac-address= max-mtu=1350 
      connect-to=SERVER_IP port=1194 mode=ip user="USERNAME" 
      password="PASSWORD" profile=default certificate=none auth=sha1 
      cipher=blowfish128 add-default-route=no 

After this goto IP > Firewall > NAT and add a SRC nat rule to masqurade all traffic going towards the VPN

/ip firewall nat add chain=srcnat action=masquerade out-interface=ovpn-out1 log=no log-prefix=""

oh and make sure you have a static route added for your VPN server IP address towards your primary gateway.

and that should be it!