Sunday, September 29, 2013

September 2013

Playing with good friend, Milo :)

In hopes that it will soon (or even eventually) feel like fall, we made caramel dipping sauce for our apples. Yummy recipe! I posted it here: http://www.saltboxhousecreations.com/2013/09/honey-caramel-sauce.html

Brookie, Cole and Tyler worked hard to sand down our bathroom stools so we can repaint them to match each other. :)

Big F enjoyed watching and playing around outside too.

...did we mention he LOVES remotes?

I asked Coleman if he felt bigger and stronger because he's 6 now. This is the response I got. :)


She plays so hard. :) A little cat nap will do the trick to rejuvinate and get her back in the game! :)

Our big 6 year old! :) He still loves to dress up! They've been learning about community helpers at school this month, so why not be a firefighter? :)



Flint and I are still getting used to the big kids being at school. Sometimes we stay home too much and things get a little boring. We decided we'd better call some friends and go to the park. :) We had a blast! Thanks Emily and Wright! :)


Enjoying the sun and the water!


Wright. :) What a cutie!





He even tried the big slide. :) This guy has no fear! He's growing up so fast!


World's greatest dad! :)

Legos for the birthday boy! We didn't get many pictures of him on his birthday. We were having too much fun I guess. :) This is the first present he opened. He was over the moon about it. I love that he's so easy to please! What a joyful boy we are blessed to have! We love you big 6 year old!





We had Cole's birthday cake the day after his birthday. We ran out of time to do all the fun things we had planned. :) He even wore the hat he got at school for his birthday! :)








Coleman is very good at sharing. He had an early day at school and when we got home he found this cool package from Uncle Scott, Aunt Leanne, Addie and Eden on the porch. He was so excited! He got his other switch and go dino out too so he and Flint could both play. What a sweetie! :) Thanks fun cousins for the birthday surprise!


Monday, September 16, 2013

Connecting to my home network securely with OpenVPN

I know you've all been anxiously awaiting another blog post about my nerdy projects. If I recall correctly I haven't posted anything since the RaspBMC post. You are in luck because today you get another nerdy post from me

Project Inspiration:
Seems like with rare exception I spend most of my time somewhere that has wireless internet access. This is one major reason I still have a "dumb" phone and don't pay for data service. Unfortunately, the problem with using free Wifi is you don't know who else is using it and potentially watching your activity. For the last several years I've always had some type of iOS device with me in the at work all the time. I know many people disregard this issue and just use the free wifi to do whatever they would do normally. I'm a little paranoid so because of the security issue I mentioned I've never checked my e-mail or even used it to connect to any online accounts unless I'm at home connected to my own secure wireless network.

Realizing that I will be spending the rest of my working life in an operating room, where I may or may not have cellular service, but will likely have wifi. I decided it was time to have a secure way to connect to the internet through the hospital wifi and also a secure means of connecting to my server at home.

Although there are different ways to do this I chose to create a virtual private network or VPN. I know corporations use them to create secure connections between offices. Hospitals use them to allow physicians to connect to the electronic medical record over the internet.

Equipment and software:  
I'm cheap (Remember I don't have a smart phone because I don't want to pay for the data service.). I'm sure I cold have paid someone to set this all up for me, or used some integrated software solution but I don't like to pay for things I don't have to and I like to figure things out myself.  To complete this project I used all free and/or open-source services

1. Server
This was an easy choice. Although I could have used the computer that is functioning as my file server as a VPN server also, that would mean that it would have to be on all the time. Right now it is setup to go to sleep every 45 minutes until someone tries to access files. I installed DD-WRT on my router several months ago. I have a version of DD-WRT which can function as a VPN server. Since my router is on all the time anyway and uses much less power than my computer, this seemed the logical choice.

2. VPN protocol
DD-WRT has PPTP and OpenVPN built in as well as IPSec, L2TP, and PPTP passthrough capabilities. We're already established that I'm paranoid and want the best security I can get so I went with OpenVPN. Plus, it is open source and free.

The Setup:

1. Download OpenVPN - from here and install


2. Use OpenVPN to create certificates - How to outline from openvpn.com

Essentially, I ran cmd.exe as an administrator under windows.
Once running I executed the following commands:
  cd C:\Program Files\OpenVPN\easy-rsa
  init-config
Now I edited the vars.bat file using Notepad++ to set my country, state, city, and e-mail. I then continued with the following commands
  vars
  clean-all
  build-ca (You must define a common name during this process)
After this is complete I built the keys for my server and on client
  build-key server server
  build-key client1 (This step can be repeated to create more client certificates)
I then generated the Diffie-Hellman parameters
  build-dh

All of the keys and certificates I just created were saved in C:\Program Files\OpenVPN\easy-rsa\keys
We will access these later to copy these to the appropriate areas.

3. Setup a dynamic DNS.

I need a way for to locate my OpenVPN server on the world wide web. Because I don't pay for a static IP address, which is the case for most residential customers, my IP address changes periodically. There are several dynamic DNS services which circumvent the problem of the changing IP address by associating you IP address with a domain and then changing that association when your IP address changed by your ISP.  I chose no-ip.com

DD-WRT has the ability to connect to and update no-ip.com so I don't need to install the no-ip.com windows client.

Here's the setup in DD-WRT


4. DD-WRT OpenVPN configuration

In addition to generating keys and certificates with OpenVPN you need server and client configuration files. The DD-WRT web GUI will create most of the server configuration file automatically. You can then provided additional configuration in the box labeled as such.

Here is the setup I used

I chose a Router (TUN) configuration because I wanted to be able to connect using my iPad and the OpenVPN application for iOS does not support TAP interfaces

I have this working with the default port 1194. What I don't yet know is whether the hospital will block that port and prevent my connection. I may have to change it later to something that won't be blocked like 443.

I may change the Hash Algorithm to something more secure than SHA1 but didn't for the initial setup. Also for security I may adopt a TLS cipher later.

Although "Redirect default Gateway" is disabled, I enabled it again in the additional config. I had it disabled for testing and because I wasn't sure which commands that would add to the server configuration file created by the GUI.


The contents of the appropriate certificates and keys are pasted from the C:\Program Files\OpenVPN\easy-rsa\keys folder at this point.
server.crt is pasted in entirety in "Public Server Cert" box
ca.crt is pasted from begin to end certificate in the "CA Cert" box
server.key  is pasted from begin to end certificate in the "Private Serve Key" box
dh.pem is pasted from begin DH parameters to end in the DH PEM" box.

Since the config file is mostly created by GUI above you just add additional parameters below.
  push "route 192.168.8.0 255.255.255.0" - haven't tested if this is necessary as it may already be in the config file created by the GUI. The goal is to get the VPN network at 10.8.0.0/24 to connect to my LAN at 192.168.8.0/24.

As you can see the push "route-gateway 192.168.8.1" is commented out. This is because the GUI creates a push "route-gateway 10.8.0.1" command and I found I didn't need it.

Since I wanted to direct all my internet traffic through the VPN tunnel I included the line push "redirect-gateway def1." Unfortunately, this created a few problems. I discovered that the VPN connection was working but would not allow me to access the internet from my client when this line was included. This was resolved with 2 things. First, I had to provide a DNS server. It was not sufficient to provide the IP address of my router to then connect to a DNS server. I had to provide my Comcast DNS server IP address. I provided 2 just in case one stops working. Second, I let the router know what to do with the internet traffic sent over the VPN.  I was able to find an iptables firewall command in the OpenVPN how to which NATs the traffic to the internet. This was then modified based on some DD-WRT form posts to work with DD-WRT as follows

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE


I wish I could say that I fully understand syntax of this command and why it fixes my problem, but I don't.

5. Client configuration

Although the DD-WRT GUI creates the server configuration file. I had to create my own client configuration file, but there are good examples all over the web including on OpenVPN. I've included it below

client #Defines the type of configuration file
dev tun #Defines the interface, either tun or tap
proto udp #Defines the protocol, either udp or tcp
remote myaddress.noip.com 1194 #let the client know where to locate the server.
resolv-retry infinite
persist-key
persist-tun
mute-reply-warnings
# Define security certificates and keys
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
ciper AES-256-CBC #This must match the server configuration
auth sha1 #This must match the server configuration
comp-lzo #Enable compression
verb 3 #Set log file verbosity

Further clarification on these commands is available in the OpenVPN manual.

6. Download and install OpenVPN connect for iOS


7. Transfer the appropriate certificates and keys (ca.crt, client1.key, and client1.crt in my case) to my iPad through iTunes. I chose iTunes because e-mail would be an insecure way to transfer a secure certificate.

8. Test connection

There are a few caveats with this one. First, you have to be connected to the internet through another network. That means my home wireless won't work. I used a wireless modem I purchased so we could have internet during our recent move. Second, the way windows uses system time and the way Linux based systems like DD-WRT use it are different. If you create your keys and certificates with Windows they may not be valid with DD-WRT for several hours. This will be noted in the server log in DD-WRT.

9. Accessing windows file shares.

Although I had shared files to all users on my network using Windows, the default firewall setting for this is limited to the local subnet. Since my VPN is on a different network 10.8.0.0/24, I had to allow sharing to that network in the windows firewall.

I was successfully able to connect to my network using my cellular modem. All of my internet traffic is routed through the VPN tunnel so that when I query my IP online it shows the same as my home address. I was also able to access my windows shares through this connection. Now I just have to test this through the hospital network to confirm functionality.

Update: I was unable to connect to my server when I tried through the hospital network. I'm guessing this is likely secondary to the UDP 1194 port being blocked to outbound traffic on their network. I will change my port and protocol to 443 and TCP respectively and test it again at the hospital. It is very unlikely that this port will be blocked; however, I'm not certain at this time if there are any other ramifications associated with this change. I do know from a bit of internet reading that this method is likely slower.

Update 2: I could not connect on UDP port 1194 at the hospital. Connecting through port 443 did work.  My major concern now is the security risk of having port 443 open for inbound traffic.

Monday, September 9, 2013

Flint's 1!!

Wow! Where has the time gone? I can't believe how grown up you are Big F! :) We all love you so much! You bring sunshine into our home and everywhere else you go. Everyone who meets you says what a sweet and calm spirit you have and what gorgeous eyes you have! I would like to add killer smile and contagious giggle. :) You are truly a blessing in our lives!!

A few things about you:

>You are a runner, not a walker. You've been walking for a couple months and you're very good at it now! You're fast and you love it! :) You're also a really good climber - up and over small furniture, up and down stairs, over people, pretty much wherever you want to go. You're like a little tank!

>You are a good communicator! You know a few words and a few signs! We're so proud of you!! You say "ama" (grandma), "buh" (book and ball) & "shzz" (shoes) and "uh'oh." You sign "more," "milk," "banana," "eat," "baby" (which I think you think means Baby Signing Time), and "sign." We think you're amazing!! Keep up the good work Big Guy!

>You stop traffic everywhere we go. People stop us all the time to tell us how beautiful you are and especially what big beautiful eyes you have. Your big personality does have something to do with it too, I'm sure. Everybody who meets you loves you!

>You like to talk on the phone. Sometimes you bring me the phone and say "ama!" You like listening to Grandma on the phone.

>You love music - pretty much any kind. Your favorite songs are Wheels on the Bus, If You're Happy and You Know It, Happy Birthday, I Love You a Bushel and a Peck, & I Am a Child of God. You love playing music with instruments or anything else that will make a loud noise (Pots and pans and wooden spoons - and silverware).

>You love your blankies! You will bury your head in them if you're tired or just feel like having a minute of love. :) You also love soft things. You like to hug stuffed animals and you like pillows.

>You love to play. You are good at playing with me, with Cole and Brookie, with Dad or by yourself. You like musical instruments, books, & cars. You like anything with wheels. You like to push buttons (buttons on the computer, buttons on your 4 wheeler, buttons on toys, the dishwashwer - any buttons!) You like blocks. You like your farm puzzle. You like to play on the stairs and your slide. You like to practice coming down the stairs and if you're not tired or hungry you don't even cry if you fall.

>You have big smiles for everyone in your family and you're quite attached to each family member. You light up when Dad comes home and area always running over to greet him! You love to be held by Mom during the day (or at night), you love playing with Coleman. He's good at sharing with you and you love to play with his toys - especially Legos and anything else he can build with and you can take apart. :) You also like playing with Brookie. She likes to help you do things.

>You like bananas, applesauce, peaches, pears, chicken, meatballs, hot dogs, MILK!!!, juice, cheese (especially cheddar), toast with jam, cereal with milk, crackers, granola bars, chocolate chips, cookies, frosting, cake, and lots of other things! You will eat spinach, carrots & sweet potatoes. You're kindof a veggie snob. You don't eat too many of them. We're hoping that'll change and that you take after Cole and Brookie. They love veggies!

There are so many fun and amazing things about you! I could go on and on about you and your darling personality! You are definitely a keeper! We love you with all our hearts! You are a special part of our family and we all love you lots and lots! xoxoxoxo Happy 1st Birthday Bub!
 

Monday, September 2, 2013

August 2013

Brookie and her bestie, "Cindy"!

More swimming lessons. This guy really loved it! He's pretty fearless with the water now! Props Mr!!

This guy is a little ham in front of the camera. He really did enjoy swimming lessons though. Playing, wandering, snacks and SWIMMING! Good times!





This one is a little hesitant. She was a bit of a stinker about trying anything new, but she really loved Miss Becky and I think she had a good experience.


Little fish


Becky got Brookie to "swim" this one time. It was a bit of an event and there was much screaming after, but she did it. This girlie is totally capable, just not super willing. :) Oh well. She had fun. She does love the water!



Thank you, Mr. Daniel! You were so fun! Coleman loved being with Daniel! He even invited him over to play. :)

Brookie and Miss Becky. She was so patient and sweet. We enjoyed swimming lessons!

Loads of fun building with these cool things! Cole and Brookie both loved making ships and towers and castles. Then after they built cool stuff, they wore some of it. :) These cylindrical ones made great arm cuffs for these two dress-up lovers! Cool toys! Thanks, Grandma and Grandpa! (And ok, I'll confess... I had a great time playing with them too!)




Our amazing dad brought treats home for the weekend! Krispy Kreme, YUM!!! Cole loves glazed donuts, the rest of us love ANY donuts! They're so so yummy! And the hats are fun too! Thanks Daddy for the fun weekend tradition and treats!!


Flint being a helper. Tyler being wonderful!

The last day of summer. We played at the park and went to McDonalds for lunch. These two seemed to have a blast. They love climbing on stuff!



This guy enjoyed it too. Notice the lunch all over his shirt... :)

First Day of School!!! I can't believe these two are in school! Coleman starts Kindergarten and Brookie is going to preschool! I'm gonna miss them while they're away having fun and learning lots! Tyler was home in the mornings (worked 11-11) this first week of school, so we all walked together and it was really fun! They were excited and I think the fist week went well tho we were all exhausted by the end! All day Pre-K and Kindergarten is a new theory for me. Not in love with it, but it seems to be working out ok. :)

My big 5 year old is going to school ! Where has the time gone? He's such a smarty, I know he will love it and will learn so much! Coleman, Daddy and I are so proud of you and the smart, funny, kind boy that you are! We wish you the best in your class with your fun new friends! Can't wait to hear all about it!!

Oh Miss Brookie! I can't believe how big you are and how grown up! I hope you love preschool and make lots of friends. Daddy and I love you so much and are so excited for you to go to school and make some fun friends and learn all sorts of fun things. We're excited to hear all about your new adventure!!

Coleman in front of his classroom. Pretty cool, Bud! His teacher's name is Mrs. Proctor. She's the teacher, they have an aide and a student teacher this year. It's gonna be great!!

Brookie in front of her classroom. Her teacher's name is Ms. Laura. She has an aide in her classroom too. It's going to be a fun year!!

This little guy and I are getting reacquainted. :) We have lots of time to spend together now. We can work on signing and we've read lots of books! So fun! He brings me so much joy! I think this is his first (or one of his first oreos). :) Rite of passage, you know. :)

Princess Brookie and I enjoyed attending high tea with our RS sisters for an activity on night. It was fun to spend some time with this cutie pie!I love her with all my heart! She loves to dress up, so this was a great activity for her! :) Fun night for both of us!

My cute princess! I love you Brookie - with all my heart!!


Brookie sitting with the other princesses at "tea."

After school snack with the brother. :)  He loves to be with her and loves when she helps him. They both felt pretty special to get to eat in the living room on a TV tray. :)

I couldn't resist capturing this little cave man dragging Raggedy Ann off to his cave. He LOVES her hair and just had to smash his face all over her and feel her fun yarn hair. It was pretty cute! This guy loves anything made from yarn. Guess it feels like his special blankie. :)

Our big almost one year old! Everywhere we go, people stop me to comment oh his beautiful eyes! I have to agree! He's a handsome dude!! Flint, you make me smile! You make my heart feel peace and joy. Your smile makes my day! You are learning so many things! I am constantly amazed at the things you're doing! I love the way you say shzzz (shoes), 'amma, uh'oh & buh (book and ball). I love the way you look so proud when you've accomplished something (like climbing up and down the stairs). I love that you hand me your sippy cup when you want a drink (so I can hold it for you). I love that you sign more, baby, cheese & milk. :) You never cease to amaze me! You put up with a lot, but you are always happy. I love you! You are incredible!


Beautiful Brookie! I love the way you like to wear stickers for earrings. I love that you "do" your own hair and that you love headbands! I love that your smile looks a little like the Mona Lisa - like there's something more your're thinking about.  I love that you are opinionated. I love that you are sweet to your brothers. I love it when you help me cook. I love it when you cuddle in my bed in the morning. I love watching you color and draw. You are a very good artist. I love listening to you sing! I love it when you ask me to tell you stories about when I was little. You make my heart happy kiddo! You are such a blessing in my life!


Big Cole Bud! You are my hero! I love listening to your stories. You are smart and funny and amazing! You have an incredible imagination! I love to watch you build things and figure stuff out! You remind me of your daddy and grandpa! I love that you are obedient and always trying to do the right thing. I love that you are kind and sweet to your baby brother and your sister. I love that even when you're sad or your feelings are hurt, you still act with gentleness, kindness and respect. I love that you give me butterfly kisses and Eskimo kisses at night. I love that you ask lots of questions and that you say thank you all the time! You are quite the man, buddy! Thanks for making my life wonderful!




Daddy and Coleman working on homework. This school thing is complicated. :) We're lucky to have a great daddy who will help us when we need help. I'm sorry Dad is such a stickler for good handwriting, Cole. You will thank him later though. :)

Brookie wanted to do homework too. :) She's pretty amazing! All of a sudden she's writing and wanting to read! Such a big girl!!

Having fun with balloons on Flint's birthday!


HAPPY 1ST BIRTHDAY BIG F! We had a nice day. Flint and I got the kiddos dropped off at school then we ran to the store. Flint enjoyed checking out the store and wandering around a bit. He picked out a ball and a balloon from the dollar store and had a blast! I love this guy!

When we got home from our errands he took a nap and I got some things ready. I made cupcakes and Brookie helped me frost them when she got home from school. She also helped me make a birthday sign. She's a good colorer and was happy to do it for this fun brother of hers!


After a very gourmet birthday dinner of hot dogs and grapes, we had cupcakes. :)

Flint liked the candle


He eventually figured out what to do with the cupcake. :)





After a minute he tried the matches too. :)



We opened a few presents and everyone helped build his slide! We all had a blast! It was so fun! Thanks for the the fun birthday present/activity Grandpa and Grandma! We all enjoyed it. Flint really climbed right up. He was so excited. Didn't even have to think about it. He wanted to get going. We've had so much fun!


He even climbed too fast for me to catch him in the act!

He had a nice day. He talked with Grandpa and Grandma Coleman and Grandma Neff and skyped with Grandpa Terry, Grandma Marilee and Uncle Trevor. Uncle Trent sent birthday hugs from Kansas and he got a package in the mail from Uncle Scott, Aunt Leanne, Addie and Eden. He got birthday cards from Grandma Great and Grandma Neff, Grandpa and Grandma Coleman and Grandpa Terry and Grandma Marilee. It was a fun day filled with lots of loves from family! :) I can't believe it's been a whole year! Wow! Time flies. Coleman and Brooklyn really made his day special. They helped with balloons, cupcakes and his birthday sigh and they played with him and just loved him! While we were playing and getting ready for bed, Daddy made it home to give the birthday boy a hug and a kiss. The perfect end to a fabulous day!

Tybee Island beach trip! What a fun day! We went on a day trip with some friends from our ward and  had a blast!! It was a long drive, but loads of fun! The sun, sand and water were warm and it was nice to be together as a family and get out to do something fun!

This guy was like a little fish. He moved all day long - swimming in the waves and building stuff out of sand. :) He had a great time with his daddy and with his friends playing and swimming. :)

This guy loved it all too. His first love was the sand. He was covered in it! He played with trucks and cups and just had a blast! He also got in the ocean water and had a fun time getting wet. :)

Sandy bum :)

Dad and Cole enjoying the water! Cole was so brave and swam so well. He had a marvelous time and it was fun to watch him!

Fun friends, the Klemenstons. :) Wish I had pictures of all our friends. I only took a few pictures. We all had a fun time!










This poor chickadee wasn't feeling well the whole time. She spent most of her time napping under the umbrella (good thinking Tyler getting an umbrella that morning before we left!)

Still a beautiful  beach babe!


All in all we had a fabulous day with friends and it was nice to spend time together as a family. :) A great trip! Thanks for inviting us Robinsons! :)

Cole has been working on remembering to patch and he filled this whole jar with marbles from each time he patched. He earned $10 for filling it. He paid $1 in tithing and took the rest to the store to buy some fun Skylander Legos. He was pretty proud and we're proud of him. Patching is hard, but he's really good about it. :)

Snow White and Flint wanted to be in the celebratory picture as well. :)