Home

FreeRadius com WPA (EAP TLS)

Alguém já tentou instalar o FreeRadius com suporte à EAP no Debian??? Tarefa hérculea. Essa aplicação tem uso em redes Wi-Fi com WPA para autenticação de usuário. Em Debian, o pacote freeradius existe, mas infelizmente vem sem o suporte ao EAP devido a problemas de restrição de licença, como pode ser visto nesse bug report. Garimpando a rede, encontrei uma alma caridosa que enfrentou o mesmo problema e criou um patch para compilar e criar o pacote necessário:freeradius-eaptls. Consegui compilar e criar o pacote com a versão 1.0.2 sem problemas.

É triste mas também é preciso admitir que Debian está se tornando inconveniente para uso como servidor. Como seu foco não é em Desktop (se for, algo está muuuuuuito errado), fico na dúvida em como classificar a distribuição. Dizer que é apenas uma distro conceitual não faz jus aos méritos de boa parte dos trabalhos realizados sobre a mesma. Dizer que não existem problemas também é hipocrisia. O que fazer? Estou utilizando Ubuntu como Desktop, mas confesso que gostaria de ver a própria Debian com esse mesmo nível de maturidade...

Controle de banda com pf

Script utilizado para realizar o controle de banda no sistema wi-fi da Futurecom2005. O primeiro problema encontrado foi que o sistema utilizava VLANs para dividir o tráfego enquanto que o controle de banda é somente possível em interfaces físicas. Felizmente funcionou a contento.

AP_NET="172.20.0.0/22" 
MAN_NET="192.168.48.0/0" 
VLAN100="201.25.199.254" 
VLAN200="201.34.160.254" 
VLAN300="201.34.161.254" 
VLAN400="172.20.3.254" 
VLAN500="192.168.48.254" 
VLAN100_INTF="vlan1" 
VLAN200_INTF="vlan2" 
VLAN300_INTF="vlan3" 
VLAN400_INTF="vlan4" 
VLAN500_INTF="vlan5" 

ME="{ 192.168.48.254, 201.25.199.254, 201.34.160.254, \
   201.34.161.254, 172.20.3.254}" 
SSH="{ 192.168.48.254, 201.25.199.254 }" 
EXT="em0" 

set timeout { interval 10, frag 30 } 
set timeout { tcp.first 120, tcp.opening 30, \
   tcp.established 86400 } 
set timeout { tcp.closing 900, tcp.finwait 45, \
   tcp.closed 90 } 
set timeout { udp.first 60, udp.single 30, \
   udp.multiple 60 } 
set timeout { icmp.first 20, icmp.error 10 } 
set timeout { other.first 60, other.single 30, \
   other.multiple 60 } 
set timeout { adaptive.start 0, adaptive.end 0 } 
set limit { states 10000, frags 5000 } 

##set loginterface none 
set optimization normal 
#set block-policy drop 
set require-order yes 
set fingerprints "/etc/pf.os" 

scrub in all 

### bandwidth 
altq on $EXT 
cbq bandwidth 15Mb 
queue { ots, ssh, voip, web, dhcp } 
queue ots bandwidth 10% priority 0 cbq(default ecn) 
queue ssh bandwidth 100Kb priority 7 cbq(borrow) 
queue voip bandwidth 30% priority 5 cbq(borrow) 
queue web bandwidth 60% priority 3 { http, mail, msn, dns } 
queue http bandwidth 60% cbq(borrow red) 
queue mail bandwidth 30% cbq(borrow red) 
queue msn bandwidth 10% cbq(borrow red) 
queue dns bandwidth 10% cbq(borrow red) 
queue dhcp bandwidth 10% priority 5 cbq(borrow) 
nat on $VLAN100_INTF from $AP_NET to any -> ($VLAN100_INTF) 

block in log all 
block return in on $EXT inet all queue ots 

pass out all 
#pass in all 

pass out inet proto tcp from any to any port 80 keep state queue http 
pass out on $EXT inet proto tcp from any to any port { 80, 443 } \
   keep state queue http 
pass out on $EXT inet proto tcp from any to any port { 25, 110, 143, \
   465, 993, 995 } keep state queue mail 
pass in on $EXT inet proto tcp from any to any port 1863 keep state \
   queue msn 
pass out on $EXT inet proto tcp from any to any port 1863 keep state \
   queue msn 
pass in on $EXT inet proto tcp from any to any port 22 keep state queue \
   ssh 
pass out on $EXT inet proto tcp from any to any port 22 keep state queue \
   ssh 
pass in on $EXT inet proto udp from any to any port 5060 keep state \
   queue voip 
pass out on $EXT inet proto udp from any to any port 5060 keep state \
   queue voip 
pass in on $EXT inet proto udp from any to any port 10000:20000 keep \
   state queue voip 
pass out on $EXT inet proto udp from any to any port 10000:20000 keep \
   state queue voip 
pass in on $EXT inet proto udp from any to any port 67:68 keep state \
   queue dhcp 
pass out on $EXT inet proto udp from any to any port 67:68 keep state \
   queue dhcp 
pass in on $EXT inet proto udp from any to any port 53 keep state queue \
   dns 
pass out on $EXT inet proto udp from any to any port 53 keep state queue \
   dns 
#pass in quick proto tcp from any to $SSH port 22 keep state 
#block in proto tcp from any to any port 80 
pass in quick proto tcp from any to $ME port 80 
pass in quick proto udp from any to any port 53 keep state 
pass in quick proto udp from any port 53 to any keep state 
pass in quick proto { tcp, udp } from any to $ME port { 67, 68 } keep state 
pass in quick proto { tcp, udp } from $AP_NET to $VLAN400 port { 67, 68 } \
   keep state 
pass in quick proto { tcp, udp } from any to $ME port { 67, 68 } keep state 
#pass in proto { tcp, udp, icmp } from any to any 
block in quick log proto { tcp, udp } from any to any port { 135, 136, 137, \
   138, 139, 445, 1433, 1434 } 
pass in quick proto udp from any to $ME port 161 keep 
state pass in quick proto udp from any port 161 to $ME keep state 

#block in log from any to $MAN_NET 
#block out log from $MAN_NET to any pass out from $ME to any 
#block in quick log from any to $MAN_NET 
#block in quick log from $MAN_NET to any 

pass in quick proto icmp from any to $ME keep state 
pass out quick proto icmp from $ME to any keep state 
pass out quick proto tcp from $ME to 192.168.48.0/24 keep state 
pass in quick proto udp from 192.168.48.0/24 to $ME port 161 keep state 
pass in from any to any 
block in log from any to $ME 

Adicionando regras de redirect

Configurando um DSL-500G (na verdade um Ericsson 310 ou algo assim), precisei criar algumas regras na mão, já que a interface gráfica não funcionou 100%, principalmente quanto as regras de port-redirect.
A topologia que tenho é:
- IP LAN do modem: 192.168.254.254
- IP WAN do modem: dinâmico via PPPoE
- IP do servidor Linux interno: 192.168.254.200

Para criar então um redirecionamento externo para port 22 (ssh) do servidor, adicionei a seguinte regra:

 create nat rule entry ruleid 2 rdr prot tcp \
   lcladdrfrom 192.168.254.200 lcladdrto 192.168.254.200 \
   destportfrom num 22 destportto num 22 

Mais exemplos em: http://corz.org/comms/hardware/router/bt.voyager.205_router_commands.text

Limpando listas com mailman

De tempos em tempos é necessário fazer uma *faxina* na lista de discussão que administro, a [linux-br]. Alguns usuários saem da lista, outros ativam os famosos *anti-spam*, e coisas do gênero começam a atolar a lista em mensagens incômodas. Isso pode ser resolvido com uma pequena remoção desses usuários (assim que comunicados). Infelizmente alguns desses usuários optam por fazer a inscrição na lista com um mail qualquer, em geral gratuito como gmail, e fazem o redirecionamento do mesmo para seu mail de recebimento. O que ocorre é que as mensagens retornam com um mail não inscrito na lista. Para encontrar o dono da mensagem, criei alguns script, dois na realidade.

Uma vez que não sou administrador do servidor de listas, não consigo simplesmente conectar e buscar a base de assinantes. Preciso solicitar a quem tem acesso shell para fazer isso. Como a CIPSGA é mantida por trabalho voluntário, nem sempre isso é rápido. Então criei um script para buscar os assinantes da lista, via web, e salvar em um arquivo:

#! /bin/sh 

pass_adm="senha_admin" 
lynx_opts="-accept_all_cookies -cookie_file=cookie -post_data" 
member_link="http://listas.cipsga.org.br/cgi-bin/mailman/admin/linux-br/members"
file_dst="/tmp/listagem" 

for char in a b c d e f g h i j k l m n o p q r s t u v x y w z 
   do for id in 0 1 2 
      do echo "Char=$char and ID=$id" 
      echo "adminpw=$pass_adm" | \
         lynx $lynx_opts "${member_link}?letter=$char&chunk=$id" | \
         grep @ | grep "^.*\[" | sed 's/.*\]//' | \
         grep -v "de .* para " >> $file_dst.$$
   done 
done 

cat $file_dst.$$ | sort -u > $file_dst 

Com isso cria-se a listagem de usuários.

Uma vez com a lista em mãos, falta enviar uma mensagem para cada assinante para verificar se o mesmo está ativo ou não. ?? interessante indexar o envio para saber quem é quem. O seguinte script faz o serviço:

#! /usr/bin/env python 
server="mail.dominio.com.br" 
port=25 
mailfrom="Helio Loureiro" 
rcptto="" subject="Checagem da linux-br" 

import sys, smtplib 
try:
   file = open(sys.argv[1])
   erro_f = open("/tmp/mail_err.lst","w") 
except:
   print "Use: %s [mails_list_file]" % sys.argv[0] sys.exit(0) 

id=1 
for line in file: 
   rcptto = line[:-1] 
   print "Sending for: " + rcptto + " [" + str(id) + "]" 
   msg = "From: " + mailfrom + "\r\n" 
   msg += "To: " + rcptto + "\r\n" 
   msg += "Subject: " + subject + "[" + str(id) + "]\r\n" 
   msg += """ 
Essa eh uma mensagem de verificacao de inscricao da linux-br. 

Favor nao responder. 

./helio (BOFH) 

-= Developed in Python =- 
""" 
   try: 
      mail = smtplib.SMTP(server,port) 
      mail.sendmail(mailfrom, rcptto, msg) 
      mail.quit() 
   except: 
      print "Error sending: " + rcptto 
      error_f.write(line) 
      error_f.flush() 
   id += 1 
sys.exit(0)

Com isso tem-se uma forma de saber quem é quem na lista e remover os indesejados.

BEER-WARE LICENSE

Finalmente encontrei uma licença livre o suficiente para utilizar nos programas que crio. Como na próxima oficina Debian estarei apresentado um material sobre VoIP e o mesmo precisa estar dentro de uma licença livre, vou usar essa.

 "THE BEER-WARE LICENSE" (Revision 42):
 wrote this file. As long as you retain this notice you
 can do whatever you want with this stuff. If we meet some day, and you think
 this stuff is worth it, you can buy me a beer in return. Author"

 Este endereço de email está sendo protegido de spambots. Você precisa do JavaScript ativado para vê-lo.

Blog mode

Finalmente corrigi o modo de exibição e habilitei o "jeito" BLOG de ser. Parte das dificuldades de migração da versão 4.5 para 4.5.2.

Autenticador PPPoE para Speedy

 Esse é o script usado para autenticar automaticamente no Speedy da Telefonica (região de São Paulo). Evita que usuários residenciais, como eu, precisem estar em frente à máquina, permitindo que a mesma volte à rede sem intervenção humana.

Instruções para Linux:
    Copie o arquivo com o nome "0speedy_auth" dentro de "/etc/ppp/ip-up.d/". Isso fará com que seja executada no início de cada inicialização ppp. Para tornar o pppoe também automática, inclua a seguinte entrada em "/etc/inittab":
S1:2345:respawn:/usr/sbin/pppd nodetach call speedy
    O nome "speedy" é relativo ao arquivo que deve existir em "/etc/ppp/peers/speedy" com o conteúdo semelhante à:

pty "pppoe -I eth0 -T 80 -m 1452"

noauth

defaultroute

user "Este endereço de email está sendo protegido de spambots. Você precisa do JavaScript ativado para vê-lo."

usepeerdns

Instruções para FreeBSD:
    Inclua o nome do arquivo (e o caminho) em "/etc/ppp/ppp.linkup".

 # $Id: speedy_auth.py,v 1.1 2003/09/12 02:57:40 helio Exp $
 # COPYRIGHT
 #
 #    Copyright © 2003 Helio Loureiro
 #
 #    Permission to use, copy, modify, distribute, and sell this software
 #    for any purpose is hereby granted without fee, provided that the above
 #    copyright notice appear in all copies and that both that copyright
 #    notice and this permission notice appear in supporting documentation.
 #    No representations are made about the suitability of this software for
 #    any purpose. It is provided "as is" without express or implied
 #    warranty.
 
 
 import os, sys, time
 from socket import *
 
 print "Autenticador para speedy $Revision: 1.1 $ - versão super alfa \
 \nEscrito em Python (multiplataforma :-) \
 \nEnvie suas sugestões e críticas para \"helio AT loureiro DT eng DT br\""
 
 hostfake="www.google.com.br"
 web=80
 host='200.171.222.97'
 port=86
 
 adsl = socket(AF_INET, SOCK_STREAM)
 adsl.connect((hostfake, web))
 adsl.send("""GET /intl/pt/ HTTP/1.1
 Host: www.google.com
 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Python
 Keep-Alive: 300
 Connection: keep-alive\n\n
 """)
 
 adsl.recv(1024)
 adsl.close()
 
 adsl = socket(AF_INET, SOCK_STREAM)
 adsl.connect((host, port))
 adsl.send("""GET /speedywebapp/html/redirect.html?CPURL=http://www.google.com/intl/pt/ HTTP/1.1
 Host: 200.171.222.97:86
 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Python
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/pla
 in;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1
 Accept-Language: pt-br
 Accept-Encoding: gzip, deflate, compress;q=0.9
 Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
 Keep-Alive: 300
 Connection: keep-alive
 If-Modified-Since: Mon, 08 Sep 2003 12:21:49 GMT
 If-None-Match: "12bc10-4d1-7e901140"\n\n
 """)
 adsl.recv(1024)
 adsl.close()
 
 adsl = socket(AF_INET, SOCK_STREAM)
 adsl.connect((host, port))
 adsl.send("""GET /speedywebapp/servlet/logon?CPURL=http://www.google.com/intl/pt/&opcion=internet HTTP/1.1
 Host: 200.171.222.97:86
 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Python
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/pla
 in;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1
 Accept-Language: pt-br
 Accept-Encoding: gzip, deflate, compress;q=0.9
 Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
 Keep-Alive: 300
 Connection: keep-alive
 Referer: http://200.171.222.97:86/speedywebapp/servlet/popupView?CPURL=http://www.google.com/intl/pt/\n\n
 """)
 adsl.recv(1024)
 adsl.close()
 
 print "Conexão estabelecida.  Divirta-se!!!"
 
 

Configurando pppoed no FreeBSD

Aqui segue a receita de bolo para configurar um servidor pppoe em um FreeBSD. O uso aqui foi para testes de equipamentos VoIP. O usuários são aqueles configurados no /etc/passwd do sistema, com suas respectivas senhas.

[root@hloureiro ~]# cat /etc/ppp/ppp.conf 
 default: 
     set log All Phase tun command Chat Radius 
     set ifaddr 10.0.0.1/24 10.0.0.100-10.0.0.199 
     enable pap chap passwdauth 
 
 pppoe:
  set device PPPoE:sis0:dlink
  enable lqr
  set cd 5
  set dial
  set login
  set redial 0 0 
 
 dlink:
  allow mode direct 
  enable lqr proxy   
  enable chap pap passwdauth 
  set ifaddr 10.0.0.1/24 10.0.0.100-10.0.0.199 
  accept dns 
 
 [root@hloureiro ~]# /usr/libexec/pppoed -p dlink -F -d sis0
 Sending NGM_LISTHOOKS to sis0:
 Got reply from id [1]: Type ether with 1 hooks
   Got [1]:orphans -> [3]:ethernet
 Sending PPPOE_LISTEN to .:pppoe-5538, provider dlink
 pppoed[5538]: Listening as provider dlink
 
 

Firewall em FreeBSD

  Nos tempos atuais, segurança deixou de ser um item reservados às grandes redes e servidores para tornar-se um companheiro mais próximo no nosso dia-à-dia.  Nesse contexto, o uso de um firewall faz-se mais que necessário.
    Esse é o script de inicialização de firewall que usava em meu laptop, baseado em FreeBSD.  É bem simples e permite um bom nível de segurança.

    Para utilizar, basta copiar o conteúdo abaixo para o arquivo /etc/rc.firewall e adicionar a seguinte entrada em /etc/rc.conf:

firewall_enable="YES"
    Para baixar as regras do firewall e permitir a passagem de todos os pacotes, basta rodar "sh /etc/rc.firewall stop".

#! /bin/sh

fwcmd="/sbin/ipfw"
LOOPB="127.0.0.1/8"

${fwcmd} -f flush
#${fwcmd} add divert natd ip from any to any via ep0
${fwcmd} add allow all from any to any via lo0
${fwcmd} add deny log all from any to ${LOOPB}
${fwcmd} add deny log all from ${LOOPB} to any

${fwcmd} add allow tcp from any to any established
${fwcmd} add allow tcp from me to any keep-state
${fwcmd} add allow udp from me to any keep-state
${fwcmd} add allow udp from me to any 53 keep-state
${fwcmd} add allow icmp from me to any keep-state

${fwcmd} add allow tcp from any to me 21 keep-state
${fwcmd} add allow tcp from any to me 22 keep-state
${fwcmd} add allow tcp from any to me 23 setup
${fwcmd} add allow tcp from any to me 69 setup
${fwcmd} add allow udp from any to me 69 keep-state
${fwcmd} add allow tcp from any to me 80 setup
${fwcmd} add allow tcp from any to me 33434 setup
${fwcmd} add allow udp from any to me 33434 setup
#${fwcmd} add allow tcp from any to me 6000 setup

#${fwcmd} add allow icmp from any to me icmptype 11
${fwcmd} add allow icmp from any to me

${fwcmd} add deny tcp from any to me 135-139
${fwcmd} add deny udp from any to me 135-139
${fwcmd} add deny log all from any to me
${fwcmd} add allow all from any to any

case $1 in
         clean|clear|stop) ${fwcmd} -f flush
                           ${fwcmd} add divert natd ip from any to any via ep0
                           ${fwcmd} add allow all from any to any
         ;;
esac

Minha configuração .emacs

Emacs.  Dizem que ele faz tudo, até edita textos.  Umas das coisas mais complexas do Emacs é configurar o mesmo e conseguir manter as configurações.  Aqui está o arquivo de configuração que uso e que foi conseguido nos idos dos tempos do LCMI (atual DAS).  O autor original deve ser o prof. GB, mas se não me engano peguei de outra pessoa.

;;; initialization file for helio's emacs 
;;; 

; To debug something
; M-x set-variable RET debug-on-error RET t RET
; {Do whatever you do to produce the error.}
; C-x b *Backtrace* RET
;
; or define here.
;(setq debug-on-error t)

(setq user-full-name "Hélio Loureiro") 
(set-language-environment "Latin-1")
(setq auto-fill-mode)
(setq global-font-lock-mode)
 
;; kai dicas . mudei kai -> daniel
(setq default-input-method "portuguese-prefix")

(defun daniel-turn-on-default-input-method ()
 "Turn on the default input method, as defined in `default-input-method'."
 (interactive)
 (activate-input-method default-input-method))

; I call this function in the mode hook for each mode where I want this,
; for example 
(add-hook 'message-mode-hook 'helio-turn-on-default-input-method)
(add-hook 'mail-setup-hook 'helio-turn-on-default-input-method)
(add-hook 'LaTeX-mode-hook 'helio-turn-on-default-input-method)
(add-hook 'text-mode-hook 'helio-turn-on-default-input-method)
(add-hook 'fundamental-mode-hook 'helio-turn-on-default-input-method)
(add-hook 'gnus-summary-mode-hook 'helio-turn-on-default-input-method)
(add-hook 'gnus-article-mode-hook 'helio-turn-on-default-input-method)

;; changes in LaTeX-mode-hook
(add-hook 'LaTeX-mode-hook
 (lambda ()
 (iso-accents-mode 1)
 ;(iso-accents-customize "portuguese")
 (auto-fill-mode 1)
 (font-lock-fontify-buffer)))

; To automatically turn on the abbrev, auto-fill and font-lock features,
; add the following lines to your `.emacs' file as well:
 (setq default-input-method `portuguese-prefix)

;; Add to the load path this directory
;(setq load-path (cons "~/.emacs-lisp/" load-path))
 (add-hook 'fundamental-mode-hook
 (lambda ()
 (abbrev-mode 1)
 (auto-fill-mode 1)
 (if (eq window-system 'x)
 (font-lock-mode 1)))) 

;; lispdir.el --- Lisp Code Directory formatter and apropos
;; Last Modified On: Mon Mar 24 1997
;; Version : 4.5
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;- Add the following lines to ~/.emacs or an equivalent (w/o ";;-" !):
;;
 (autoload 'format-lisp-code-directory "lispdir" nil t)
 (autoload 'lisp-dir-apropos "lispdir" nil t)
 (autoload 'lisp-dir-retrieve "lispdir" nil t)
 (autoload 'lisp-dir-verify "lispdir" nil t)

;; default frame and color settings 
; invoke M-x list-colors-display to choose the colors 
; comment this if you want to see the default settings 
(setq default-frame-alist '((cursor-color . "black") 
 (background-color . "wheat")))

;fonts found on the mailing list, uncomment one at your convenience 
;;(font . "-*-Courier-normal-r-*-*-18-97-*-*-c-*-*-ansi-") 

;;(font . "-*-Courier-bold-r-*-*-18-97-*-*-c-*-*-ansi-") 
;(font . "-*-Terminal-normal-r-*-*-8-60-*-*-c-*-*-oem-") 
;(font . "-*-Terminal-normal-r-*-*-12-72-*-*-c-80-*-oem-") 
;(font . "-*-Terminal-normal-r-*-*-8-60-*-*-c-*-*-oem-") 
;(font . "-*-Terminal-normal-r-*-*-19-142-*-*-c-*-*-oem-") 
 
;; some interactive color settings by means of 
 M-x set-mouse-color RET magenta RET ;strange but this seems not to work.. 
 M-x set-cursor-color RET red RET 
 M-x set-background-color RET black RET 
 M-x set-foreground-color RET yelow RET 
 
;; add to the default path
(setq load-path (cons "~/documentos/latex/" load-path)) 
 
;;; AucTex options
;;(require 'tex-site)

;;; RefTeX options
;;;(setq reftex-plug-into-AUCTeX t)

;;;(add-hook 'LaTeX-mode-hook 'turn-on-reftex) ; with AUCTeX LaTeX mode
;;;(setq reftex-extra-bindings t) ; to use C-c r to references etc...
;;;(setq reftex-cite-format 'author-year) ;;; Nao testada
;;;(setq bib-cite-use-reftex-view-crossref t) ;;; Nao testada
 ;;; Tirar se der problema

;; Useful settings to make RefTeX faster for large (multifile)
;; documents include:
;; (setq reftex-enable-partial-scans t)
;; (setq reftex-save-parse-info t)
;; (setq reftex-use-multiple-selection-buffers t)
;;

;; Tem algum problema com isto aqui
;
; (TeX-add-style-hook "theo"
; (lambda ()
; (LaTeX-add-environments '("theorem" LaTeX-env-label))
; (if (featurep 'reftex)
; (reftex-add-to-label-alist
; '(("theorem" ?p "theo:" "~\\ref{%s}" t
; ("Theorem" "Theo.")))))))

;;; ange-ftp option to pass through the proxy server (in Melbourne)
;;;

;(setq ange-ftp-gateway-host "www-proxy.mame.mu.oz.au:3128")
;(setq ange-ftp-gateway-host "www-proxy.mame.mu.oz.au")
;(setq ange-ftp-gateway-host "sungear.mame.mu.oz.au")
;(setq ange-ftp-gateway-program "/dmart@sungear,mame.mu.oz.au:/usr/bin/telnet")
;(setq ange-ftp-smart-gateway t)

;; Diary support 
 
(setq european-calendar-style 't) 
(setq calendar-week-start-day 1) 
(setq display-time-24hr-format t) ; In 24 hour format 
(display-time) 
(add-hook 'diary-hook 'appt-make-list) 
 
;some useful additional settings 
(setq-default auto-fill-hook 'do-auto-fill) 
(setq fill-column 78) 
 
;; no startup message 
(setq inhibit-startup-message t) 
 
;; this just displays the current column number on the command line 
(setq line-number-mode t) 
 
;; this colorizes the fonts according to the major mode selected 
(global-font-lock-mode t) 
 
(put 'eval-expression 'disabled nil) 
 (setq text-mode-hook '(lambda() (auto-fill-mode 1))) 
 
;; Redefine some keys. 

;; To redefine Alt to Meta for example use
;;
;; >>> xmodmap -pke > .keyboard
;;
;; then edit the file .keyboard making the necessary changes and then
;; type
;;
;; >>> xmodmap .keyboard
;;
;; You can put this in your .login after this

(setq kill-whole-line t) ; Kill EOL too 
(global-set-key [kp-home] 'beginning-of-line) 
(global-set-key [kp-end] 'end-of-line) 
(global-set-key [home] 'beginning-of-line) 
(global-set-key [end] 'end-of-line) 
(global-set-key [C-home] 'beginning-of-buffer) 
(global-set-key [C-end] 'end-of-buffer) 
(global-set-key [S-delete] 'clipboard-kill-region) 
(global-set-key [S-insert] 'clipboard-yank) 
(global-set-key [C-insert] 'clipboard-kill-ring-save) 
(global-set-key [S-right] 'set-mark-command) 
(global-set-key [f1] 'goto-line) ; goto line 
(global-set-key (kbd "<f11>") 'tmm-menubar) ; buffer-menu (as well as F10)
(global-set-key [f11] 'tmm-menubar) ; buffer-menu (as well as F10)
;;;(setq LaTeX-math-abbrev-prefix '(kbd "<f5>") ) 
(setq LaTeX-math-abbrev-prefix '"[f5]")
;;;(setq LaTeX-math-abbrev-prefix '";")
;;;(setq LaTeX-math-abbrev-prefix '"(71)") ; buffer-menu (as well as F10)
;(define-key function-key-map [Alt] [Meta])


; Para o delete apagar para frente e nao para tras
;(global-set-key [delete] 'delete-char) ; delete character under cursor 
;(global-set-key [backspace] 'backspace) ; delete character under cursor 
; (global-set-key [f35] 'scroll-up) ; 
; (global-set-key [f29] 'scroll-down) ; 

; sasf

(global-set-key [f3] 'repeat-search) ; repeat search 
(global-set-key [f4] 'indent-three-spaces) ; indent 3 spaces 
(global-set-key [f8] 'kill-current-line) ; delete current line 
(global-set-key [?\C-z] 'undo); added here because I usually do kills by mistatke 
(global-set-key "\C-x\C-j" 'goto-line) ; Command prompts for linenumber to go to. 

;; Define function that indents three spaces. 
(defun indent-three-spaces () 
 "Indent three spaces." 
 (interactive) 
 (beginning-of-line) 
 (insert " ") 
 (next-line 1) 
) 

;; Define function that removes the current line. 
(setq kill-whole-line t) 
(defun kill-current-line () 
 "Delete the current line." 
 (interactive) 
 (beginning-of-line) 
 (kill-line) 
) 
 
;; prevent echoing ^M in the shell 
(add-hook 'comint-output-filter-functions 'shell-strip-ctrl-m nil t) 

;; printer configuration 
;;;(setq lpr-command "lpr") 
;;;(setq lpr-add-switches nil) 
;;;(setq lpr-switches '("-Plj2")) 
; fix up the menu bar to use lpr-buffer instead of print-buffer 
(define-key menu-bar-tools-menu [lpr-buffer] '("Lpr Buffer" . lpr-buffer)) 
(define-key menu-bar-tools-menu [lpr-region] '("lpr Region" . lpr-region)) 
;;(define-key menu-bar-tools-menu [print-buffer] nil) 
;;(define-key menu-bar-tools-menu [print-region] nil) 
 
;;; Set up POP3 stuff 
(setenv "MAILHOST" "mail.unix-sul.com.br")
(setenv "NNTPSERVER" "news.ufsc.br") 
 
; dynamically expand aliases that are stored in ~/.mailrc 
(add-hook 'mail-setup-hook 'mail-abbrevs-setup) 

;;;(setq mail-default-headers "BCC: helio AT loureiro DOT eng DOT br \nFCC: ~/Mail/Outbox\n") 
(setq mail-signature t)
 
(add-hook 'mail-setup-hook 
 '(lambda() 
 (auto-fill-mode t)
 (iso-accents-mode t) ;liga acentuacao 
 ))


;; fontification font-lock.el much better than the default hilit19.el 
 ;***************************** (for coloring) 
 ;;automatic Font Lock mode in TeX mode 
 ;(add-hook 'tex-mode-hook 'turn-on-font-lock) 
 ;;if Font Lock necessary for other than .tex files, uncomment following 
(global-font-lock-mode t) 
 
;Acentuando por default 
(add-hook 'text-mode-hook 
 '(lambda() 
 (turn-on-auto-fill) ;liga quebra automatica de linhas 
 )) 

;;;OCTAVE mode options
; To begin using this mode for all `.m' files that you edit, add the
; following lines to your `.emacs' file:
 (autoload 'octave-mode "octave-mod" nil t)

;;; I wiped out the function below to avoid conflict with Matlab.El
; (setq auto-mode-alist
; (cons '("\\.m$" . octave-mode) auto-mode-alist))

; To automatically turn on the abbrev, auto-fill and font-lock features,
; add the following lines to your `.emacs' file as well:
 (add-hook 'octave-mode-hook
 (lambda ()
 (abbrev-mode 1)
 (auto-fill-mode 1)
 (if (eq window-system 'x)
 (font-lock-mode 1))))

; (autoload 'octave-mode "octave-mod" nil t)
; (setq auto-mode-alist
; (cons '("\\.m$" . octave-mode) auto-mode-alist))

;; Calc options

;;; Commands added by calc-private-autoloads on Wed Jul 14 12:45:45 1999.
(autoload 'calc-dispatch "calc" "Calculator Options" t)
(autoload 'full-calc "calc" "Full-screen Calculator" t)
(autoload 'full-calc-keypad "calc" "Full-screen X Calculator" t)
(autoload 'calc-eval "calc" "Use Calculator from Lisp")
(autoload 'defmath "calc" nil t t)
(autoload 'calc "calc" "Calculator Mode" t)
(autoload 'quick-calc "calc" "Quick Calculator" t)
(autoload 'calc-keypad "calc" "X windows Calculator" t)
(autoload 'calc-embedded "calc" "Use Calc inside any buffer" t)
(autoload 'calc-embedded-activate "calc" "Activate =>'s in buffer" t)
(autoload 'calc-grab-region "calc" "Grab region of Calc data" t)
(autoload 'calc-grab-rectangle "calc" "Grab rectangle of data" t)
(setq load-path (nconc load-path (list "~/calc-2.02f")))
(global-set-key "\e#" 'calc-dispatch)
;;; End of Calc autoloads.

(custom-set-variables
 '(enable-multibyte-characters t))
(custom-set-faces)
(custom-set-variables)
(custom-set-faces)
(custom-set-variables)
(custom-set-faces)

;;; From rect-mark.el . We have to have rect-mark.el in the path
;;; beginning of definitions

;; Support for marking a rectangle of text with highlighting.
(define-key ctl-x-map "r\C-@" 'rm-set-mark)
(define-key ctl-x-map [?r ?\C-\ ] 'rm-set-mark)
(define-key ctl-x-map "r\C-x" 'rm-exchange-point-and-mark)
(define-key ctl-x-map "r\C-w" 'rm-kill-region)
(define-key ctl-x-map "r\M-w" 'rm-kill-ring-save)
(define-key global-map [S-down-mouse-1] 'rm-mouse-drag-region)
(autoload 'rm-set-mark "rect-mark"
 "Set mark for rectangle." t)
(autoload 'rm-exchange-point-and-mark "rect-mark"
 "Exchange point and mark for rectangle." t)
(autoload 'rm-kill-region "rect-mark"
 "Kill a rectangular region and save it in the kill ring." t)
(autoload 'rm-kill-ring-save "rect-mark"
 "Copy a rectangular region to the kill ring." t)
(autoload 'rm-mouse-drag-region "rect-mark"
 "Drag out a rectangular region with the mouse." t)

; Use this section in your "~/.emacs" to modify picture mode so that
; it automatically uses the rect-mark equivalents of many commands.

;; One vision of a better picture mode.
(add-hook 'picture-mode-hook 'rm-example-picture-mode-bindings)
(autoload 'rm-example-picture-mode-bindings "rect-mark"
 "Example rect-mark key and mouse bindings for picture mode.")
;;; end of definitions of rect-mark.el

;
; Mktable options
;

; Another option is to put the following elisp code inside your
; ``.emacs'' file. Just mark the region and press `C-c C-t'
; (Control-C and Control-t) to run mktable.

 ;;; contributed by Luiz Gonzaga da Silveira Jr.
 ;;; shortcut for make-latex-table
 (global-set-key "\C-c\C-t" 'make-latex-table)

 (defun make-latex-table nil
 "Make a LaTeX table using mktable."
 (interactive)
 (save-excursion
 (if (equal mark-active nil)
 (push-mark nil nil -1))
;;; (setq string
;;; (read-from-minibuffer "mktable [options]: " nil nil nil
;;; 'shell-command-history))
;;; (shell-command-on-region (region-beginning)
;;; (region-end)
;;; (concat "mktable " string) -1)
 (delete-char -1)
 ))
 ;;; cut here

;; Author: Xavier Decoret
;; Maintainer: Xavier Decoret <Xavier DOT Decoret AT imag DOT fr>
;; Created: 1 decembre 19999
;; Keywords: mail buffy
;; This file is not part of GNU Emacs.

;;;(load-file "~/.emacs-lisp/buffy.el")
;;;(setq buffy-spool-file "/var/spool/mail/dmartins")
;; -* with the correct spool file

;;; Babel options
;;(require 'babel)
(setq font-lock-maximum-size 5000000)

;;(require 'catdoc)
;;;(load-file "~/.emacs-lisp/rcp.el")

;;;;;-------Supercite 3.1--
(autoload 'sc-cite-original "supercite" "Supercite 3.1" t)
(autoload 'sc-submit-bug-report "supercite" "Supercite 3.1" t)
;(add-hook 'mail-yank-hooks 'sc-cite-original)
;(setq news-reply-mode-hook 'sc-perform-overloads) ;for GNUS prior to 5.6 ???
(setq message-cite-function 'sc-cite-original) ;for GNUS after 5.8
(add-hook 'mail-citation-hook 'sc-cite-original)
 
;; MATLAB.el options. May create conflict with Octave-Mode in the auto-mode-alist variable 
;;
(autoload 'matlab-mode "matlab" "Enter Matlab mode." t)
(setq auto-mode-alist (cons '("\\.m\\'" . matlab-mode) auto-mode-alist))
(autoload 'matlab-shell "matlab" "Interactive Matlab mode." t)

;; User Level customizations (You need not use them all):
;;;(setq matlab-indent-function t) ; if you want function bodies indented
;;;(setq matlab-verify-on-save-flag nil) ; turn off auto-verify on save
(defun my-matlab-mode-hook ()
 (setq fill-column 76)) ; where auto-fill should wrap
(add-hook 'matlab-mode-hook 'my-matlab-mode-hook)
(defun my-matlab-shell-mode-hook ()
 '())
(add-hook 'matlab-shell-mode-hook 'my-matlab-shell-mode-hook)
;;
;; Please read the mode help for matlab-mode for additional
;; configuration options.
;;
;; Syntax highlighting:
;; To get font-lock try adding this for older emacsen:
 (font-lock-mode 1)


;; Or for newer versions of Emacs:
 (global-font-lock-mode t)


;; To get hilit19 support try adding:

;; (matlab-mode-hilit)
;; (if window-system
;; (require 'font-latex))

;; To use compression on gnus
(require 'jka-compr)

;; To use xterm option when in a remote xterm
;;(require 'xterm-frobs)

;; PS-MODE Options
(autoload 'ps-mode "ps-mode" "Enter PS mode." t)
(setq auto-mode-alist (cons '("\\.ps\\'" . ps-mode) auto-mode-alist))

;;; Balance.el Options
(autoload 'balance-mode "balance")
(setq auto-mode-alist
 (append '(("\\.bal$" . balance-mode)) auto-mode-alist))

;;end .emacs