Technology

This is an amazingly difficult thing to find instructions on the internet for. I hope this helps someone, apologies if the “code” tags aren’t too clear. I think that’s the style.

You will need:
To be able to configure the gateway router on either the target box or on your DHCP server.
To be comfortable with the command line (no, seriously)
SquidMan 3.1

Method:
Initially you might think that OSX Server will be necessary but probably isn’t. Apache doesn’t seem suited to transparent proxying and it seems to make doing your own configuration harder too with Lion.

Install SquidMan, then go into the template tab and look for
http_port %PORT%. Underneath that line, add
http_port 3129 transparent

I run the main port as 3128. I think that’s about all I tweaked.

You’ll want to test this works (at least for proxying) set your web proxy to localhost:3128 in internet settings/advanced/proxies and apply the changes. If you can still browse the web, great. If not, check your logs (Squidman offers a window to browse them, or you can tail them in ~/Library/Logs/squid/…)
OK, so now we need to be able to forward traffic that’s not meant for us, you might already do this if you use your Mac as your firewall/router, but I only have one interface on my Mini so I had to configure this:
sysctl -w net.inet.ip.forwarding=1
Now that you can route packets, set a machine to use this one as your gateway.
Check that machine can still access the internet, if not, tcpdump on the box you are configuring for proxy and see if you see the packets arriving and leaving. If it is all working, you can move onto forcing the proxy.
Here’s the big difference for Lion. Lion uses pf rather than ipfw. Yay for upgraded BSD.
Edit /etc/pf.anchors/com.apple and add to the end:

anchor "910.Custom/*"
load anchor "910.Custom" from "/etc/pf.anchors/910.custom"

Create /etc/pf.anchors/910.custom:
rdr pass on en0 inet proto tcp from 192.168.1.0/24 to any port www -> 127.0.0.1 port 3129
replace en0 with your internet ethernet interface (the one packets from your LAN come in on and 192.168.1.0/24 with your home network.
OK. Now all you need to do is start it:
sudo pfctl -vvv -f /etc/pf.conf -E
the -E tells it to enable pf.
Now you should see squid log entries when you view pages on the machine you set the gateway for.
Now to make it permanent. Before this point, we could reboot and it would all go away
edit /etc/sysctl.conf and add
net.inet.ip.forwarding=1
The last thing to do is to set squid and pfctl to run on startup:
Edit /Library/LaunchDaemons/com.mac.adg.SquidMan.plist and ensure the following two keys and values are set:
<key>Disabled</key>
<false/>
<key>RunAtLoad</key>
<true/>

Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist and ensure the above two keys and values are also set (don’t duplicate keys).. then you’ll need to find this bit:
<key>ProgramArguments</key>
<array>
<string>pfctl</string>
<string>-f</string>
<string>/etc/pf.conf</string>
</array>

And make it like this:
<key>ProgramArguments</key>
<array>
<string>pfctl</string>
<string>-f</string>
<string>/etc/pf.conf</string>
<string>-E</string>
</array>

The -E means enable.

I want to want a new Mac. They’re shiny, they’re faster, they’re more capable…I just can’t quite bring myself to do it:

I have a fat mac mini server. About twice the height of the current one. I thought about replacing it with the new Mini Server, but that hasn’t got the graphics punch – it has onboard Intel graphics. The one that has better graphics can’t fit two 750Gb drives into it…An upgrade would force me to compromise, and you don’t spend a couple of thousand dollars compromising.

I also have a previous gen Macbook Air. Faster processor, yes, but still unable to run it without sending the fans into craziness…Although the reviews have been on the model without the Radeon graphics, I’m not sure how that changes things. I think I’d rather have a dual core i7 instead of quad core and have a Radeon in there.

It doesn’t sound as though it would suddenly play portal at good speeds without going crazy nuts on the fans.

I dream of a macbook air form factor capable of playing games like portal without breaking a sweat.

iTunes preview of some iOS apps today identifies “ix.Mac.MarketingName” as a compatible device with some software designed for iOS.
I wonder if this means that Lion will feature a Rosetta for ARM capable of running iOS .ipa apps on its launchpad view. Mac is reserved for Apple’s line of desktop and laptop computers and they’re currently Intel based. Apple have already made much of it being able to work with full screen apps and doing away with scroll bars, all these would be necessary to allow seamless integration of iOS apps. They’ll also have to support multitouch and be able to execute ARM targetted code. Look out for new iMacs with capacitive screens!

This will be very funky if it happens, particularly if it also brings data syncing. I’ve wanted that full screen iOS calendar on the Mac for ages!

I reckon the reason only certain apps work is that the app has to be built with a specific version of the toolchain to be compliant.

The single most irritating thing about subscribing to magazines and newspapers via an electronic device is the enforced wait at a loading screen. I can stand this for about ten seconds tops.

The best experience I’ve had for rich content news is the Sky news app. Granted it’s not really a newspaper, but it does provide the latest news on demand. The next best is probably The Daily and then The Times.

The worst is magazines like Wired and iGizmo where you are sat at a loading screen waiting for content and what does it do if you switch away to do something else while you wait? It pauses the download! How useless is that? Hey developers, this is what the background loading api was for! I think the developers expect you to start the download and then leave it running while you go make a cup of coffee or something.

The very best thing would be for my iPad to receive a notification (silently) at whatever time the content was published (assuming I subscribe) and for it to begin to download automatically while I sleep.

Another annoyance is when you are offline (wifi and 3G unavailable) it shouldn’t show ‘loading’ for the online content like videos. ‘unavailable offline’ would be much more useful.

I would subscribe to a paid news app in a flash if at 6 each morning it would download the top stories for offline viewing ready for my train commute. Someone petition Apple to add that capability!

News delivery is getting better, but it still has too many shortcomings. Once my free ride from The Times is up, I won’t be renewing.

It’s smaller.
It’s lighter.
It feels better in your hand.
It lasts as long.
It’s faster.
The graphics capabilities are better.
It has a gyroscope for more accurate orientation detection and tighter movement in games.
It has magnets built in to hold a cover in place.
It has cameras.
You can load all your iPhone apps and iPad apps on, and some may well ‘just work better’ (though that isn’t a guarantee).

I love that I was able to restore my new iPad from the backup of my old one and there were my apps as if I’d never used anything else.

I recommend it if you don’t have an iPad at the moment. If you already have an iPad, you might consider selling the old one and getting a subsidised iPad 2 on a data contract – 3 seem to have some good deals. It’s perfectly likely you could get 250 for the old one, pay 250 for a new one and only pay £240 more for the length of the contract than just getting the Data sim alone.

Faye

If you see me day to day the chances are you asked me what I thought the Apple ‘Back to the Mac’ announcement was. I wish I’d posted my answer here but I’ve been frantically busy lately. I told people who asked that I believed this next release, Lion, as revealed in the teaser image would be the last in the current 10.x releases of Mac OS X and because of that will likely begin the evolution toward a unification of OS X and iOS capabilities. I hoped that we’d see more multitouch, an app store, a dashboard home screen (mission control goes beyond what I imagined) and the ability to have universal apps for Mac and iOS – perhaps that bit will come later. Unified applications would allow developers to easily charge once for an application which is then portable to your mobile device when you leave your mac. Cloud storage APIs would then allow you to take your apps and data with you when you go, cacheing locally for when you’re not on the Internet and syncing back when you are in range once more.

I think the new MacBook Air is a great evolution of the product, now able to approach MacBook speeds in the 13″ version and with the same pixel count as the current MacBook Pro 15″. I’m now looking forward to the MacBook pro refresh which must surely include the option for a full 1080p screen. I would love to see some hybridisation so that the OS is on flash along with a block cache and there’s still room in the Pro for a proper hard drive. With it’s all SSD operation though, the Air will likely outperform most MacBooks – provided Apple have addressed the flash erase cycle speed issue. I expect that’s the purpose of the VLSI on the card with the memory chips.

I didn’t expect FaceTime on the Mac with this announcement but it is welcome and hopefully persuades more companies to con side the cost savings of a Mac vs all the additional conferencing hardware and software

The premium for this miniaturisation is much smaller than when the original air came out. Apple are showing how to cross pollinate from their mass market products and benefit from the cost savings.

So, I spent $6.99 on “Insomnia” by Stephen King. Do publishers not keep a digital master of the manuscript used to typeset a book? If this book is anything to go by, I guess they don’t.

The book has been scanned and OCR’d and it is this version which has been used as the source of the ebook I bought. It wasn’t even proofread. It’s akin to the experience of paying for a bootleg movie, except that the publishers are getting paid for the shoddy workmanship.

“Modem” of course is a scan of a tightly kerned “Modern”. “run” somehow became “nm”.

I am thinking of setting up a website where people can report on the quality of books they’ve purchased. I certainly think if you’re going to get work of this quality, you might be better off with a version lovingly reproduced by a fan, and edited by fans.

Of course that’d be illegal.

This isn’t good enough to pay for.