Nothing happens in Minute

Nothing happens in Minute

The rusted gate of the graveyard creaked as I pushed it open. I felt out of place. As if I was disturbing the sleep of those who were buried there. I literally tiptoed across the grass. I knew it made no sense and I realized how ridiculous I must have looked, yet I couldn’t help myself. In a few more steps I should be standing in front of the headstone I needed to see.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

No one would blame you if you have never heard of Minute or have no idea where it is on the surface of the earth. But I was born and raised here. The earliest records of the town indicated my forebears several generations back moved from across the country and settled here. Why Minute of all places, you might ask. Unfortunately, it is just one more thing no one in the sleepy little town knows anymore.

It is said that the only exciting thing about Minute is the name. How did you pronounce it in your head? “Minute” as in a division of time, or “minute” as in small? Even the citizens no longer agree as to the correct pronunciation. One thing is for sure, the town is stuck somewhere in the last century and it is certainly small. Don’t get me wrong. We have water and power. We even have Internet access but that is as far as it goes. A few folks know what Facebook is about, fewer have actually used it. The town’s name made for all sorts of jokes. A favourite of visitors is to call any man from town a “minute man” and the fact that we are so few does not help either. But the citizens have grown a thick skin long ago and you will hardly find anyone take offence at the tasteless joke. The worst thing that might happen to you is to end up paying for a round at the local bar on main street. A few decades earlier you might have ended up in the city jail or left with a few missing teeth. But the police station closed down shortly after Chief Jameson died (he was the only policeman in town) and the jail went with it. I think we appreciate what little out of town visitors we get now that we are willing to tolerate a little unruliness.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

I met Karl on the first day of school several decades ago. In a class of 10, the pickings were small and we ended up fast friends over the years. I was quiet and he was boisterous. Together we still got into our share of troubles. But nothing major in a town where doors lacked locks and you could have a warm meal in any house you choose with no eyebrows raised – because of course, you knew at least someone in every house, and if not, someone is bound to know you anyway.

Karl got married to his high-school sweetheart right out of school while I got married to my farm. The happy ending didn’t quite happen though. Not for either of us. My farm barely survived not to talk of the dreams of riches I had, and the lady (I refuse to mention her name) ran away with a farming equipment salesman that came through town in a shiny Ford Thunderbird. It broke Karl’s heart into a thousand pieces. I didn’t see much of him after that. Not for lack of trying but he just couldn’t get over her. I could never be sure, but I think on some level, he blamed me for how it all went south. The salesman came in on a particularly blustery day and would have moved on but I wanted to see what he had to sell. We got to talking about farming in general, and by the time we were done, it was too late for him to leave. When he didn’t leave the next day I just assumed he wanted to take it easy for a few days in a quiet town. Karl and I drifted apart gradually after she left. I still saw him around town every once in a while, and we would stop and talk for a minute or two. But it was always awkward. I think we both thought about the same thing but neither would broach the subject. Then out of the blues, I got a hand-written letter from him a few days ago.

 11th of January, 2017

Hi Andy,
I need your help. You know how I usually end up at the graveyard on our jaunts across town. I haven’t been there in like forever, but I was feeling particularly out of sorts last Monday and one thing led to another and I found myself there. The place looked so quiet it felt like I was intruding (for the first time). But I had to go in. The gate creaked loudly as I pushed my way in. I went from headstone to headstone reading the inscriptions and imagining the life the person led while he was alive – as you know I usually do. I must have got carried away because I didn’t realise there was someone standing next to me until he spoke. It turned out to be Mr Jackson, you know, the old gravedigger.

“You know. I have heard of people leaving on the same day they arrived, but this is the only case I know of for sure. He was dead well before my time of course. And little is known about the family. They are no longer in Minute. I believe they shipped out shortly after he passed on. The story was never clear but something dark happened back then.” He said.

I looked again at the headstone and realised I had never seen it before. Yet I am sure I have been to that corner of the graveyard before in the past. I did a quick calculation and realised he was the same age as us when he died. I was about to move on when it struck me that I shared the same birthday with him. That set my heart racing for some reason. Then I realized his initials where exactly the same as mine – Kristopher Butler – K.B. I pressed the old man for more details but he had told me all he knew. I didn’t sleep at all that night and was at the city library well before Mrs Fiona Adkins came to open it up as usual. I didn’t find much information there either. She told me the fire of 1964 destroyed several of the city’s documents including some of the census and other historical records.

I went back home and I must have fallen asleep at some point. I had a dream that I was back at the graveyard. But the headstone was laying on its side and someone had opened the grave. Then the next minute I was lying on my back in the grave and someone was shovelling dirt on me. I couldn’t move! I tried calling out to him to stop but nothing came out of my mouth. Then he stopped briefly when someone called out to him. I could have sworn it was Mr Jackson and the name he called out was the name on the headstone. The fellow was definitely our peer, but his clothes though neat looked like something my great-grandpa would have felt totally at home in. I thought he had stopped for good, but then the voice said “never mind, get on with it.” He turned round and started shovelling dirt into the grave again. I was soaked in sweat when I woke up screaming.

I have not slept now for several days. Do not bother to come to the house until you have done me this favour I ask of you. Please go to the graveyard and look for the headstone. It is in the upper east corner as you make your way into the graveyard. I want to know if I am crazy or not. Until I am sure, I have decided not to leave my house until my birthday has passed. I have this sense of foreboding that something dreadful will happen on that day. I am rationing the food I have and I think if I skip a little here and there, I should be able to make do. I shall not step out of the house till that day is over and I shall not attend to anyone. But I shall be looking forward to a letter from you. If you still consider me a friend (which I have not been to you since she left), you will go.

Your friend in desperate need,
Karl Bridgewater

I never did understand his fascination with the town’s graveyard. Personally, I didn’t see the point of going there to “visit” people who had died long before my parents were born and the ones you really did know were still too fresh to be too painful. But I couldn’t abandon him now in his hour of need. I would go. But it took me two days to get up the will to finally leave my house.

I stepped out and it felt as if the wind intended to lift me up and blow me away across town. And it was unseasonably cold. Don’t get me wrong, it is cold all year round in Minute so I am used to the cold. I decided it was the wind that set my chattering by the time I had walked a dozen yards. And I still had two hundred more to the graveyard.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

I came to a standstill in front of the same headstone Karl must have stood looking down at a week or so ago. Everything was as he had said in his letter. The days and the initials matched his. His birthday was in a week from today. And that reminded me that mine was in another month or so after his. Frankly I didn’t know what to make of the whole matter. I was still there when a voice woke me out of my contemplation.

Andrew Inglewood is it not? I think the last time I saw you was at Margaret Townsend’s wedding. Must have been all of 15 years ago. Yep. I think I am right. I thought maybe you had moved away. You know a lot of folks did back then.” He said.

I thought for a second and then nodded.

“Strange headstone, right? You are the second person looking at it this week. Karl Bridgewater was here a few days ago. Didn’t you boys run together at some point? He was quite fascinated by it and wanted to know if I knew anything about the lad that is buried there. Unfortunately, I don’t, but I suggested he might check at the library. You know, for birth records and maybe some old newspaper from back then might have survived. If there’s anyone that knows more about this town than I, it is Fiona Adkins. Should have been Fiona Jackson though. But she was fire and I was tepid water at best. I had no chance. Well, that’s what she said anyway. I guess I proved her right.”

“I think I should be moving on. The knees won’t take much more today.”

I said goodbye and he had shuffled a few feet away, when he suddenly stopped and looked back. “You know, I did a little bit of work around here after Karl left and I found the strangest thing. There’s another headstone just a few yards away on the other side of the walkway facing west. Same stone, very similar to that one. In fact, the fellow buried there died just about a month after this fellow here. And wait for it, wait for it, that’s not even what got me. What really got my attention was the fact that he also died the same day he was born. Same age as this lad here actually. So I got to thinking what sort of coincidence is that right? I had it in mind to go see what Karl found in the library but my knees played up especially bad that week so I let it go.”

My heart was racing madly. There was one question on my tongue but I couldn’t open my mouth to ask. My jaws were clenched together and my throat was dry. It was as if he read my mind as he turned around and walked away.

“You might take a look at it if you like. I believe the name is Arthur Inkwater. You can’t miss it.”

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

NB: A different kind of grave-robber: I imagine I “borrow” silent stories. (05-Mar-2017)

Posted in Uncategorized | Tagged , , , , , , , , | 2 Comments

Setting up an OpenVPN access server

This post is strictly geeky stuff so feel free to skip and check out the poetry and short stories instead (don’t leave until you do! Thanks!)

A friend/colleague contacted me a couple of days ago and asked if I know how to set up an OpenVPN server. He said he took a look at the website (openvpn.net) and that the instructions there are not that easy to follow. Nothing challenges me more than getting IT-related stuff to work – figuring stuff out. And also, he said there might be some $$ involved.
I knew what OpenVPN was but had never set up a server before. It took 2 days and nights to figure the stuff out completely. One thing I don’t like is having to repeat the same process for the same thing in future, so I almost always “document” the procedure(s).

Once it is nicely summarized (as below), it then looks quite easy, but it is not! (stroking my own ego a little :-).

Let’s go!

Setting up an OpenVPN access server on Linux (with a Windows Client)

1. Install Open-VPN server
NOTE: The /etc/init.d/openvpn service control script comes from the openvpn-AS server package but it’s easy
to create one. I have attached a copy (should be in the same directory as this howto)

# yum install openssl-devel lzo-devel pam-devel
# yum install rpm-build
# rpmbuild -tb openvpn-2.4.0.tar.gz
# rpm -Uvh /root/rpmbuild/RPMS/x86_64/openvpn-2.4.0-1.x86_64.rpm

2. Copy or create /etc/init.d/openvpn (so you can use the service command to control the service)

3. Install/download EasyRSA for creating the CA (Ceritification Authority) as well as certificates for clients:

download scripts package from https://github.com/OpenVPN/easy-rsa

cd /tmp
unzip easy-rsa-master.zip
cp -R /tmp/easy-rsa-master/easyrsa3 /etc/openvpn/

4. Copy the sample config files folder to /etc/openvpn
cp /usr/share/doc/openvpn-2.4.0/sample/sample-config-files/server.conf /etc/openvpn/
cp /usr/share/doc/openvpn-2.4.0/sample/sample-config-files/client.conf /etc/openvpn/
cp /usr/share/doc/openvpn-2.4.0/sample/sample-config-files/openvpn-startup.sh /etc/openvpn/openvpn-startup
cp /usr/share/doc/openvpn-2.4.0/sample/sample-config-files/openvpn-shutdown.sh /etc/openvpn/openvpn-shutdown

5. You should edit openvpn-shutdown and change the line “killall -TERM openvpn” to “killall -TERM /usr/sbin/openvpn”
(reason is that when you use “service openvpn restart|shutdown”, killall kills the service command as well)

6. You have to edit the server.conf to reflect the location of files relative to the /etc/opevpn folder.
For example, the entry “dh dh2048.pem” in server.conf needs to reflect where you actually put the dh2048.pem file.
If you put the files directly in /etc/openvpn then nothing needs to change, but if you decide for management
purposes to put the file in a subfolder (e.g., in /etc/openvpn/keys/ then the entry in server.conf would be “dh keys/dh2048.pem”) the entries would have to change. Same applies to entries for “ca”, “cert”, and “key”.

7. This option in server.conf is to protected against DDoS (either follow the instructions or comment it out)
tls-auth ta.key 0 # This file is secret

8. The 3 lines below are at the bottom of file openvpn-startup. Comment them out or create the vpn*.conf files.
I don’t think they are needed unless you have a need to have deamons with different configs e.g., say a deamon for different companies connecting to your server.
openvpn –cd $dir –daemon –config vpn1.conf
openvpn –cd $dir –daemon –config vpn2.conf
openvpn –cd $dir –daemon –config vpn2.conf

9. Creating the various certificates:

# cd /etc/openvpn/easyrsa3/

[root@gfs2 easyrsa3]# cp vars.example vars

10. Edit the vars file and set the following variables according to your needs:

[root@gfs2 easyrsa3]# vi vars

set_var EASYRSA_REQ_COUNTRY “NG”
set_var EASYRSA_REQ_PROVINCE “LA”
set_var EASYRSA_REQ_CITY “Lagos”
set_var EASYRSA_REQ_ORG “Samson Inc.”
set_var EASYRSA_REQ_EMAIL “sam@company.net”
set_var EASYRSA_REQ_OU “IT Organizational Unit”
set_var EASYRSA_REQ_CN=gfs2.company.com
set_var EASYRSA_REQ_NAME=server

[root@gfs2 easyrsa3]#

11. Initialize the PKI (you only need to do this once for a fresh setup):

[root@gfs2 easyrsa3]# ./easyrsa init-pki

12. Create the CA:
Answer 2 questions below (Common Name e.g., the name of the server, and the PEM passphrase – use any phrase)

[root@gfs2 easyrsa3]# ./easyrsa build-ca

13. Remove the passphrase (because we are running openvpn daemon non-interactively so no way to enter the phrase)
You will be prompted for the same passphrase you entered above when creating the certificate:

# cd /etc/openvpn/easyrsa3/pki/private
# openssl rsa -in ca.key -out ca.key2
[root@gfs2 private]# mv ca.key ca.key.org
[root@gfs2 private]# mv ca.key2 ca.key
[root@gfs2 private]# cd /etc/openvpn/easyrsa3/

14. Generate the Diffie hellman parameters (DH):
[root@gfs2 easyrsa3]# ./easyrsa gen-dh

15. Generate the CRL:
[root@gfs2 easyrsa3]# ./easyrsa gen-crl

16. Generate a certificate for the server (use any passphrase. We will remove it):
In the example below, gfs2 is the name of my server.

[root@gfs2 easyrsa3]# ./easyrsa build-server-full gfs2
# cd /tmp/easy-rsa-master/easyrsa3/pki/private/
# openssl rsa -in gfs2.key -out gfs2.key2
# mv gfs2.key gfs2.key.org
# mv gfs2.key2 gfs2.key

17. Copy all the files to your /etc/openvpn/ folder
[root@gfs2 easyrsa3]# cd /etc/openvpn/
[root@gfs2 openvpn]# cp easyrsa3/pki/crl.pem .
[root@gfs2 openvpn]# cp easyrsa3/pki/dh.pem .
[root@gfs2 openvpn]# cp easyrsa3/pki/ca.crt .
[root@gfs2 openvpn]# cp easyrsa3/pki/private/ca.key .
[root@gfs2 openvpn]# cp easyrsa3/pki/private/gfs2.key .
[root@gfs2 openvpn]# cp easyrsa3/pki/issued/gfs2.crt .
[root@gfs2 openvpn]# cp easyrsa3/pki/ca.crt /etc/openvpn/clients/

18. Edit server.conf in /etc/openvpn/ and make the necessary changes. The 3 lines in server.conf show below reflects the files created above:
ca ca.crt
cert gfs2.crt
key gfs2.key

19. Generate certificates for your clients (repeat for various clients using unique names in the process):
You will be prompted for a passphrase. Use any, we will remove it. In the example below, remoteclient1 is the name of a unique CN (Common Name) I am using for a client. Note that this does not have to be the actual name on the client.
But it is this name you will enter in the configuration of your VPN client on your remote client. This will then
allow the OpenVPN server to match the name to a specific configuration (if any) and client certificates on the server.

# cd /etc/openvpn/easyrsa3
[root@gfs2 easyrsa3]# ./easyrsa build-client-full remoteclient1
[root@gfs2 easyrsa3]# cd pki/private/

20. Remove the passphrase on the certificate (you will be prompted for the same passphrase you used above):
[root@gfs2 private]# openssl rsa -in remoteclient1.key -out remoteclient1.key2
[root@gfs2 private]# mv remoteclient1.key remoteclient1.key.org
[root@gfs2 private]# mv remoteclient1.key2 remoteclient1.key
[root@gfs2 private]# cp remoteclient1.key /etc/openvpn/clients/
[root@gfs2 private]# cp ../issued/remoteclient1.crt /etc/openvpn/clients/

21. Copy/Send the necessary certificates to the client (should be done as securely as possible)
ca.crt, remoteclient1.crt and remoteclient1.key (for my sample client)

22. On my sample Windows client. I am using SecurePoint SSL VPN v2
– I downloaded version 2.0.18 from https://sourceforge.net/projects/securepoint/
– Install it and run it.
– In the system-tray, right-click on the icon and choose “show window” from the menu
– Click on the settings icon (gear wheel in the lowe right-hand corner of the application window) and choose “New” fro the menu.
– Follow the wizard to create a new VPN connection.
– give the config a name; next;
– enter the IP address of FQDN of the VPN access server and change the port and protocol if necessary (must match the one on the server as defined in server.conf); next
– you are prompted for the location of 3 files you transferred to the client above: “Root CA:”; “Certificate:”; and “Key:”
“Root CA:” = ca.crt; “Certificate:” = remoteclient1.crt; and “Key:” = remoteclient1.key
– the “Advanced Settings” screen is next. IMPORTANT: You have to change the cipher (defaul is “Standard”) to the one configured in the server.conf file on the VPN access server. Current default is AES-256-CBC. If you don’t change it, you will still get connected but no real traffic will flow over the VPN (you won’t get any service or connectivity). You can also “Comp-LZO” compression; next
– Conclusion screen shows you a summary of your choices. Click the “Finish” button if everything looks OK
– Your new VPN connection config will appear in the Window of the VPN client. Right-click on it and choose “Connect”
– The next 2 screens will ask for your username and password. Both answers are the name of the client we used to create the certificate which is remoteclient1. You can also select the “Save Data” on both questions to have the VPN client remember your answers.
– The VPN connection to the server should be established once you press OK for the 2 questions above.

23. Suggested optional step: to configure OpenVPN to log into it’s own log file and not /var/log/messages (especially if you are debugging issues.)
Edit server.conf and change the log-append line (it is likely to be commented out. So remove the “;” at the begining of the line).

log-append /var/log/openvpn.log

24. Optionally install Web-pased connection monitor

– Download it from https://github.com/furlongm/openvpn-monitor/

– You need to install the semanticversion package to run the openvpn-monitor successfully

– Use pip to install the semantic_version package:
# yum install python-pip
# pip install semantic_version

Alternatively if for some reason you can’t install pip, you can install the semantic_version “manually” with python:

# cd /tmp
# git clone git://github.com/rbarrois/python-semanticversion.git
# cd python-semanticversion
# python setup.py install

– Then continue with installation instructions on the openvpn-monitor webpage above (start from the section for your Operating System)

NOTE: on RHEL/CentOS 6.x, you may need to edit /var/www/html/openvpn-monitor/openvpn-monitor.conf and enter the coordinates of your starting point (probably the location of your server). You can get the “DD coordinates” (for longitude and latitude) for your location (I was able to get the coords for my campus) from http://latitude.to/ for example. You can also try https://www.distancesto.com/coordinates.php

25. Restart (start) the OpenVPN service (any errors will be in file /var/log/messages)
# service openvpn restart

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
NOTES:

1. You may need to enable ipv4 forwarding if you want the remote clients to connect to other systems on the network of the VPN access server. The community version seems to do this by default but not sure of the commercial version (“sysctl -w net.ipv4.ip_forward=1” )
You will also need to edit server.conf and use the “push route” option so that the routes to (private) subnets “behind” the VPN server is sent to the clients if required (so the clients can reach other systems on those private subnets)

2. GUI for OpenVPN server on Windows:
download from https://github.com/OpenVPN/openvpn-gui

3. Alternative GUI-based way to control OpenVPN via Webmin module. Not worth the trouble as the developer’s website is not in English and not sure how up to date the module is. Not recommended.

yum install perl
yum install perl-Net-SSLeay
wget http://prdownloads.sourceforge.net/webadmin/webmin-1.831-1.noarch.rpm
rpm -Uvh wget webmin-1.831-1.noarch.rpm
download openvpn-2.6.wbm.gz from http://www.openit.it/index.php/it/openvpnadmin and use Webmin to install it.
The module can generate certificates but I found it much more troublesome than the direct approach I used above.

4. There are various other options you may need to change in server.conf (and which must match on the client as well) to further optimize your setup.

5. Systems used in the config above (3x VMs running on VMWare workstation 12.5.2 on a HP EliteBook 840 – Windows 7, 16GB RAM, Intel Core i7 vPro):
a. Red Hat Enterprise Linux Server release 6.3 – OpenVPN 2.4.0 access server
b. Windows 8 (VPN client)
c. Windows XP (system “behind” VPN server on a private subnet)

6. Some other install guide:
http://www.ciscopress.com/articles/article.asp?p=605499
https://help.ubuntu.com/lts/serverguide/openvpn.html
https://openvpn.net/index.php/open-source/documentation/howto.html#security
https://openvpn.net/index.php/access-server/docs/quick-start-guide.html
https://openvpn.net/index.php/open-source/documentation/howto.html#install
https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on-centos-6

7. There several other clients for Windows, MAC, etc on the Internet. Some are free (open source/closed-source) and some are commercial/proprietary. Each has it’s own idiosyncrasies. I found it difficult getting the OpenVPN client to work with the OpenVPN server I set up above, but it worked seamlessly with their own OpenVPN AS VPN server (the commercial version of the OpenVPN server that comes with a management GUI).

8. Keywords or Tags: PKI,SecurePoint,OpenVPN,VPN,Diffie hellman,EasyRSA,RedHat,rpmbuild,github,Linux

9. The content of the /etc/init.d/openvpn service control script. You can add the service to run-levels 345 so it starts automatically whenever you (re)start the server (command “chkconfig –add openvpn”).

#!/bin/sh
#
# openvpn This shell script takes care of starting and stopping
# openvpn on RedHat or other chkconfig-based system.
#
# chkconfig: 345 24 76
#
# description: OpenVPN is a robust and highly flexible tunneling application \
# that uses all of the encryption, authentication, and \
# certification features of the OpenSSL library to securely \
# tunnel IP networks over a single UDP port.
#

# Contributed to the OpenVPN project by
# Douglas Keller <doug_at_voidstar.dyndns.org>
# 2002.05.15

# To install:
# copy this file to /etc/rc.d/init.d/openvpn
# shell> chkconfig –add openvpn
# shell> mkdir /etc/openvpn
# make .conf or .sh files in /etc/openvpn (see below)

# To uninstall:
# run: chkconfig –del openvpn

# Author’s Notes:
#
# I have created an /etc/init.d init script and enhanced openvpn.spec to
# automatically register the init script. Once the RPM is installed you
# can start and stop OpenVPN with “service openvpn start” and “service
# openvpn stop”.
#
# The init script does the following:
#
# – Starts an openvpn process for each .conf file it finds in
# /etc/openvpn.
#
# – If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
# it before starting openvpn (useful for doing openvpn –mktun…).
#
# – In addition to start/stop you can do:
#
# service openvpn reload – SIGHUP
# service openvpn reopen – SIGUSR1
# service openvpn status – SIGUSR2
#
# Modifications:
#
# 2003.05.02
# * Changed == to = for sh compliance (Bishop Clark).
# * If condrestart|reload|reopen|status, check that we were
# actually started (James Yonan).
# * Added lock, piddir, and work variables (James Yonan).
# * If start is attempted twice, without an intervening stop, or
# if start is attempted when previous start was not properly
# shut down, then kill any previously started processes, before
# commencing new start operation (James Yonan).
# * Do a better job of flagging errors on start, and properly
# returning success or failure status to caller (James Yonan).
#
# 2005.04.04
# * Added openvpn-startup and openvpn-shutdown script calls
# (James Yonan).
#

# Location of openvpn binary
openvpn=””
openvpn_locations=”/usr/sbin/openvpn /usr/local/sbin/openvpn”
for location in $openvpn_locations
do
if [ -f “$location” ]
then
openvpn=$location
fi
done

# Lockfile
lock=”/var/lock/subsys/openvpn”

# PID directory
piddir=”/var/run/openvpn”

# Our working directory
work=/etc/openvpn

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
if [ ${NETWORKING} = “no” ]
then
echo “Networking is down”
exit 0
fi

# Check that binary exists
if ! [ -f $openvpn ]
then
echo “openvpn binary not found”
exit 0
fi

# See how we were called.
case “$1″ in
start)
echo -n $”Starting openvpn: ”

/sbin/modprobe tun >/dev/null 2>&1

# From a security perspective, I think it makes
# sense to remove this, and have users who need
# it explictly enable in their –up scripts or
# firewall setups.

#echo 1 > /proc/sys/net/ipv4/ip_forward

# Run startup script, if defined
if [ -f $work/openvpn-startup ]; then
$work/openvpn-startup
fi

if [ ! -d $piddir ]; then
mkdir $piddir
fi

if [ -f $lock ]; then
# we were not shut down correctly
for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
if [ -s $pidf ]; then
kill `cat $pidf` >/dev/null 2>&1
fi
rm -f $pidf
done
rm -f $lock
sleep 2
fi

rm -f $piddir/*.pid
cd $work

# Start every .conf in $work and run .sh if exists
errors=0
successes=0
for c in `/bin/ls *.conf 2>/dev/null`; do
bn=${c%%.conf}
if [ -f “$bn.sh” ]; then
. ./$bn.sh
fi
rm -f $piddir/$bn.pid
$openvpn –daemon –writepid $piddir/$bn.pid –config $c –cd $work
if [ $? = 0 ]; then
successes=1
else
errors=1
fi
done

if [ $errors = 1 ]; then
failure; echo
else
success; echo
fi

if [ $successes = 1 ]; then
touch $lock
fi
;;
stop)
echo -n $”Shutting down openvpn: ”
for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
if [ -s $pidf ]; then
kill `cat $pidf` >/dev/null 2>&1
fi
rm -f $pidf
done

# Run shutdown script, if defined
if [ -f $work/openvpn-shutdown ]; then
$work/openvpn-shutdown
fi

success; echo
rm -f $lock
;;
restart)
$0 stop
sleep 2
$0 start
;;
reload)
if [ -f $lock ]; then
for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
if [ -s $pidf ]; then
kill -HUP `cat $pidf` >/dev/null 2>&1
fi
done
else
echo “openvpn: service not started”
exit 1
fi
;;
reopen)
if [ -f $lock ]; then
for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
if [ -s $pidf ]; then
kill -USR1 `cat $pidf` >/dev/null 2>&1
fi
done
else
echo “openvpn: service not started”
exit 1
fi
;;
condrestart)
if [ -f $lock ]; then
$0 stop
# avoid race
sleep 2
$0 start
fi
;;
status)
if [ -f $lock ]; then
for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
if [ -s $pidf ]; then
kill -USR2 `cat $pidf` >/dev/null 2>&1
fi
done
echo “Status written to /var/log/messages”
else
echo “openvpn: service not started”
exit 1
fi
;;
*)
echo “Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}”
exit 1
;;
esac
exit 0

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

Fact includes Faith

FACT includes Faith

If your faith is limiting you, go forward not backwards. Start operating with fact: God’s facts. 
Physics and this reality will tamper with our faith. For example, I know I am not supposed to be able to walk on water. So when I try in faith, I am already at a disadvantage.

You believe when you turn on the tap in your kitchen, water will come out. Because you know there’s water in your overhead tank. So you lather you hands, turn on the tap and put your hands under it. That’s not faith in the tap – that’s fact. You know it for a certain. (By the way, Lagos has thought me to confirm the “fact” that there’s water by turning on the tap first before grabbing the soap).

Jesus walked on water, not because he had faith. But because that is his fact. He knew he was the son of God and can do all things. He didn’t walk on water by faith, he did it by God’s fact. By God’s reality if you will.

A baby has a better chance of walking on water than an adult. Why? Because having faith implies you know the alternative and knowing the alternative tampers with our faith (i.e., we doubt). A baby does not know the “alternative” about many things. She might walk to the edge of a pool and inquisitiveness might cause her to bend down and deep a finger in it. Now her fact includes the knowledge that water is a strange thing different from the solid ground she’s standing on. Alternatively a baby might come to the same pool and just keep on walking. Because her fact at that point does not include the “knowledge” that water won’t support her weight.

There’s nothing wrong with faith. In fact, faith is good. But fact is better. Our faith can fail, but God’s fact never does. It is forever true and constant.

If Paul referred to the righteousness of God in us (Romans 3:22), which would help us be righteous, then we can refer to God’s fact (or appropriate His fact) as our believe to help us be all we can be, and not our own faith that’s subject to our senses despite our best effort.

Fact thus supersedes faith. I shall start operating in fact. Not my own fact (which barely feeds me not to talk of feeding five thousand), but in God’s fact. That remains always true.
So let us complete the circle. We are not denying the place of faith. In “fact”, we are saying God is ever faithful because His fact is ever constant. Put another way, I shall put “my faith” in God’s facts (and not in my ability to convince myself to “believe”).

And lest any man accuse me of heresy, I shall “be like bro” Paul in 1 Corinthians 11:16. (His previous pronouncements on “hair” are not law so feel free to disagree). In my case, it’s the wanderings of a sleepless mind at 3:00am.

Posted in Uncategorized | Tagged , , , , , | Leave a comment

Sleepless

Sleepless

4 thousand miles across the pond
She still haunts my dreams and my days
Shall I get a 10-tongued whip
With barbs of steel on every strand

Shred my back and front
Till I rid my soul of perdition
That has but one destination
Born of my desires and my infatuation

Woe is me I think
For the pain is not in my flesh nor in my bones
A branding iron can not distract me
Nor the food nor the wine nor the nectar that is fresh cider

I shall lie me down now
And dream of wings of fire
Of Saturn and Pluto
One a cauldron, the other – ice

2:10am. 25/01/2017

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

It’s only 1997

I found a CD containing some Visual Basic (VB5) codes I had written a while back (Surds and Arabic-to-Roman-Numerals) and decided to re-live what the IDE looked like then. I have never really been a programmer (People life Prof. Dayo, Shina and Adan “Java” come to mind) because if there is a word lighter than lightweight, that’s what I should use for the few codes I have written. I guess trivial is a better word as lightweight in programming has a completely different meaning

But that’s not the point of this post. It’s more to buttress the pace at which technology changes. I found Visual Basic 5 on the freedownloadmanager.org website under the Windows abandonware section and installed it on my system. During the installation, I came to the component selection screen below and was drawn to the meagre disk space requirement  (compared to the multi-GB requirements of some newer coding platforms).

Look at the screen-grab below and see if you can tell what’s odd before scrolling down:

It’s the “Space available on C:” value! It’s set to “999999 K” which is just under 1GB. I am too lazy to go check what sort of hard disk sizes were predominant in 1997 but I suspect, whoever wrote this part of the installer probably used a field with only 6 digits in it a la “640K ought to be enough for anybody.” quote by the big boss himself (Bill Gates). So I guess the logic would be something like “if we get some value back that overruns the field just set it to the max supported value which would be 999999 since it’s unlikely there will be many of those disks around. We can’t code for every negligible corner case right?”
I am not berating the programmers: I just wanted to use it to point out the rapid pace of technological development.

The laptop I installed it on had a 476GB Hard Disk Drive (HDD) with 131GB free space. Since that field in the installer was expressed in KiloBytes (KB), they would have required 9 digits instead of the 6. People code smarter now of course. “Human-friendly form” would result in the value been converted to GB or TB (etc) which reduces the field’s required number of digits.

And the VB5 IDE was just 20 years ago. Of course in computing, that’s another era/lifetime.

End Note: Bill Gates has always denied ever making the statement above. So why didn’t I remove it? Some things are part of computing lore. That quote is one of them.

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

Change …

I could already see them as I came round the bend. Policemen on my side of the road and road safety men on the opposite side. I mentally assured myself there was nothing to worry about as my papers were complete.I was still like 5 car lengths away when he started waiving me to the side of the road. He came to the passengers side of the car and indicated I take my side window further down. 

Me: “Good afternoon bros” (with a smile)

OC: “Good afternoon” (returned smile). How is work?”

Me: “We dey try. Change is changing all of us.”

OC: “You don’t look like change is affecting you o”

“Film trick”. I laughed.

“Are you with your tinted permit?” (Back to business. The weekend needs “lubricating”).

Me: “Yes.” I made to release my seat belt so I could reach into my glove box. 

OC: “Don’t worry. Where is my weekend gift?” (The smile is back)

Me: “Even me I am looking for weekend gift” (I laughed).

OC: “You can go. Don’t worry. God go provide.”

Me: “Amen o.”

Posted in Uncategorized | Leave a comment

“Change”

“Change”

I have decided to rage against the machine!
I shall no more be a conformist!
People say “Why cooked yam and okro soup”
I say “Why not?”
You ask what has that got to do with “Change”
I say “The journey of a thousand mile starts with a single step”
Let me start small …

Posted in Uncategorized | Tagged , , , , , | Leave a comment

You (3 or 4 or whatever)

“You are leaving? Really? For how long? I am sure you will come back. But you have to do a threesome before you leave. It won’t cost you anything. Really. If nothing else, just watch them do each other.” He said to me.
And all I could think of was you. 

So I smiled and said nothing. 

Posted in Uncategorized | Leave a comment

Leaders of Today

Leaders of Today

When I was in primary school, there was this marching song that had “we are the leaders of tomorrow” as part of the lyrics. My voice used to overshadow those of my classmates as that was my favourite part of the song, YES! I dreamt of being at the helm of affairs, I aspired to be a very powerful woman and that song always kept my hopes high. It gave me the assurance that my dreams would definitely be accomplished.
I never liked the way things were going on in the country: the bad roads, the poor infrastructure and poor electricity supply. I remember how excited we used to be any time we had electricity supply. The shout of “UP NEPA!” always filled the air especially from little children like me. Those were the things I could see and understand as the problems of the country. I never knew they were more than that.

My assumption of my future, my dear tomorrow, was a setting where children of my generation, strictly my generation, would be at the helm of affairs and occupying relevant and significant positions in the society. I felt it was “turn-by-turn” and I believed our leaders, parents, teachers were living their own future and probably in the next twenty years we would be given the opportunity to live ours. I heard stories about the military heads of state and how at thirty (years) some of them had already assumed office. All these further inspired me as a pupil and I believed if I worked hard I should also be in a relevant position before thirty. I should be a woman of my own. I saw in me a younger version of Queen Elizabeth, Helen Sirleaf Johnson, Funmilayo Ransome Kuti, Flora Shaw, etc. I dreamt of being greater and more relevant than these women.

Childhood was sweet and unique, the inspirations were perpetual. Things looked so easy and the future was equally bright, very bright! I really miss being a child, there was nothing to worry about.
I moved from primary to secondary school with my head still high. I always wore a contented smile anytime I remembered my dear tomorrow, I looked forward to the day when the reign of those old men and woman would pass away and another generation would be opportuned to display their potentials. I was in a hurry, I couldn’t wait for my turn to come. I waited patiently for the announcement day but unfortunately nothing like that happened. I still kept seeing the same faces on TV, I heard the same names. These are the people I have always noticed since I was in primary one and even till JSS2. Their names were still all over the place. Seven years and nothing like change! I was in a great labyrinth and I wondered if those people don’t allow others when would it finally get to my turn.

I got to SSS2 and it was still the same story. I was forced to ask my teacher why it was a particular caucus that dominated the important positions in our society and she explained to me that it was the kind of society we live in. The taste of power and wealth is so sweet that a particular set of people aspire to enjoy it alone. They keep passing the baton to themselves and the deserving ones are not given any opportunity. Then it dawned on me that the future may never come. My dear tomorrow might just be a fiction. I was very confused. My whole perspective about the future was wrong!

I used to think there was a regulatory body in charge of the future and after a stipulated time there was going to be something like a census. This would officially make the people in power/offices retire and give room for the competent younger ones. In this way, everyone would be allowed to live their dreams. I felt it was that easy. I was weakened and I told myself what I needed was to graduate with good grades, get a good job and raise a family. The tomorrow thing was all a fiction. I felt all schools should be banned from singing that marching song: it only deceives the students.

As I grew older, I started seeing what life really meant. The future is indeed real but there is no stipulated time for it. There is more to the future than just graduating with good grades, as a child all I understood was school and graduating with good grades. There is indeed more to life than being a doctor or lawyer. There is something called potential. You have to set goals. You can start living your dreams from today. We don’t have to wait for tomorrow, waiting for tomorrow is just a way of limiting ourselves, the tomorrow may never come, it is our responsibility to live our dreams, the government won’t live them for us.

As I write this article, I am in my second year in the University and I can tell you that the political, social and economic structure has not really changed. The same set of people still dominate everything and everywhere but surprisingly, we have people who have no popular background making it in life but these are people who made extra moves and who started planning their future a long time ago. There is more to life than waiting and procrastinating, we have our potentials, there is something built into each of us. Why not discover them? It doesn’t disturb school. Education is very important in life but there are a lot of things to be learnt outside school.

If you aspire to be a medical doctor why not make extra moves, discover! Explore! Launch extraordinary things relating to science. Isaac Newton developed the law of gravitation, calculus and three laws of motion at the age of twenty-three, all during two years that Cambridge was closed due to the plague. There is a little write-up that was sent to me by a WhatsApp contact which stated that a dropout of Cambridge or Harvard is equivalent to a PhD holder from a Nigerian university. I was totally devastated and amazed by that. Who says we can’t have a greater version of Isaac Newton, Bill Gates or even Mark Zuckerberg in Nigeria. We have subjected ourselves to limitations, but I refuse to be intimated. That is why I am writing this article.

Opeyemi Awoyemi, Ayodeji Adewunmi, and Olalekan Olude started Jobberman on the campus of Obafemi Awolowo University, Ile-Ife. Jobberman.com is an employment website and has beem described by Forbes as West-Africa’s most popular job search engine and aggregator. They were even recognised by Mark Zuckerberg for their efforts in the technology and employment sectors in Nigeria. They created an opportunity themselves and gave other people different opportunities; Jobberman has definitely contributed to creating employment in Nigeria.

Opportunities can be created by ourselves, we don’t always need to wait for them to come. Why not make a move today, sooner or later your moves would be noticed. About three days ago I read about DJ Obi who is set to break the record for the longest DJ set in the world. He believed he could do it and he set out to play continuously for 240 hours and I am positive he would break the record and for the first time set the world record for Nigeria.

We breed more youths with Facebook and Instagram swags than those with innovations. There is nothing that can’t be done in a new way, be you a writer, musician, model, actress, lawyer, doctor, blogger, fashion designer or make up artist. There are new ways things can be done, it just entails innovations and the ability to discover. Social media has even made things easier, but there is more to it than just chatting and monitoring other people’s progress in life. A lot of people make fortunes from this social media. Take a look at SISIYEMMIE, she is a lifestyle blogger and she made something tangible out of her life via social media. There are a lot of people like that who have used this ordinary things in extraordinary ways.

I think even our leaders don’t believe in this generation of ours and that is why we are always left behind. We lack active and sensitive youths, we breed a lot of those who are quick to laugh and make caricature of everything. We need youths who are active in political and developmental aspects of our country, we need youths who are assertive and are always ready to take up any challenge in the quest for what they really want.

The more we keep quiet, the more we portray ourselves as vision-less and dumb as they really think we are, things may really be difficult but it is 100% possible for us to solve our problems ourselves, we all have something built in us, we just have to discover them and start making use of them. No matter how difficult things may look, there is always a sweet side of it.

I am putting every Nigerian youth out there to a challenge. It is our time to make it happen, the future has come. The “tomorrow” is today, enough of the limitation and intimidation by our leaders. We now crave for what is truly ours, we want to be relevant and accorded our due respect. All this depends on us, let us keep our heads high, make good use of whatever is built in us. We are the leaders of today so let us take charge and help Nigeria regain her rightful place among the committee of nations. It is possible! Let us make it happen! It depends on you and me!!

BY: AGEMO, Oluwabukola Miriam (guest writer from UNILAG)
Founder, “Arise African Child” Movement

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

How Reading Impacts Knowledge

How Reading Impacts Knowledge

Reading, according to the Oxford Advanced Learner’s dictionary, is defined as the process or act of looking at and understanding the meaning of written or printed word or symbols. The concept of reading is to learn; impact knowledge; to grow; to emphasise; to understand; to marvel, and to wonder. Reading is the root of strength of an individual even of a nation, hundreds of millions is allocated towards clothing and cosmetic just to take care of our outward and physical appearances. It is just a pity and very unfortunate that very little amount of Naira is spent on our inward strength which includes knowledge.

Reading really impacts knowledge. It helps in developing our cognitive domain which gives us the ability to solve problems and generate creative ideas. I personally, can now boast of a mind that can generate many thoughts per minute, per hour and per day. Not thoughts that can change my life alone but also of those living around me and my nation as a well. Reading also helps us in developing habits and virtues that can change our thoughts and help us live a life worth emulating.

Reading indeed is a fountain of knowledge. When we read we get unlimited knowledge and information. Continual reading is a major source of knowledge and information, it is something important in our life and our major key to success in life. Reading as a process and science has helped me acquire many forms of knowledge that has improved my personal thinking and enhanced my skills.

Reading also makes us conscious and it awakens our knowledge towards things happening around us which includes: political development, social and economic development, values and cultures of different societies and even contemporary social issues and how they can be curbed and tackled.

Readers they say are leaders. Reading has me helped me as a person in developing various skills which includes leadership skills. Being a great lover of biographies, inspirational books and spiritual books, they have given me a sense of leadership and empowered me with various skills necessary in helping others solve their problems. Biographies have helped me to know about people’s sojourn in life, the problems encountered and how to solve such problems. Inspirational books are awesome, they make me see myself as a character in the book and they also teach success and leadership strategies. Spiritual books help me grow in union with God and he uses me to impact other people’s lives and give them a good direction and sense of living. Therefore, having more clarity and understanding God’s purpose for my life.

Reading really feeds our minds. There is a saying that “you are what you read.” The type of materials you read has a great impact either negative or positive. The human brain is like a computer that is a continuous ongoing creative machine that never ceases. Our minds, like a computer, needs to be fed with information to keep it stimulated and reading is the best source of knowledge we can feed our brains with, because without information we become stagnant.

Reading helps in improving our educational standards, it also gives us higher knowledge and intelligence than those who do not read at all. Reading also helps in reducing stress, as a book can easily distract one from our burdens in the midst of activities and stressful days. It also helps in increasing analytical thinking, increases vocabularies, and in developing good writing skills and having prioritised goals.
In conclusion, reading for me is not all about escaping into a world of fiction, it is also about providing a context in our environment both real and imaginative. If we can breed many good readers in our country today, Nigeria would be able to regain her rightful place among the committee of nations because her citizens would have been fully equipped with the necessary skills for her development.
Reading is a real essence of living and a mighty fount of knowledge. It helps to be outstanding when others are standing and to stand out when others are outstanding.

AGEMO, OLUWABUKOLA MIRIAM (guest writer from UNILAG)
Founder, “Arise African Child” Movement

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment