Image Processing Methods For Computer Vision-Based Fuel Gauge Developed

ScienceDaily (Apr. 6, 2000) — University Park, Pa. -- Taking a "look" at how much fuel is left in the tank could become literally possible now that Penn State computer engineers have developed image processing methods necessary for a computer vision-based fuel gauge.

The developers say a computer vision-based gauge would be much safer than current gauges that rely on a sensor with low voltage electrical leads that come in contact with the fuel. Electrical contact fuel measuring systems are often suspected of having contributed to explosions in aircraft disasters.

The image processing methods were developed by Srivatsan Chakravarthy, who earned his master's degree in August at Penn State, Dr. Rangachar Kasturi, professor of computer science and engineering, and Dr. Rajeev Sharma, assistant professor of computer science and engineering. The work was part of Chakravarthy's master's thesis.

In the method the Penn State team developed, nothing need be in the fuel tank except the fuel, Kasturi says. Two transparent glass portholes in the top of the fuel tank allow all the access needed to determine the depth of the liquid inside. One port enables a light source to flash the image of two crossed lines on the surface of the liquid while the other port allows an off-the-shelf video camera attached to a computer to record the position of the lines.

The computer's image processing software, developed by the researchers, is trained in a calibration process in which the tank is filled gradually and the position of the crossed lines, as recorded by the camera, are noted at the various depths. The correspondence between the depths in the actual 3-D scene and the 2-D image recorded by the camera is established in a process called digital mapping. The computer can then calculate the change in depth of the liquid in the tank when any one of the units, or pixels, in the camera's image of the crossed lines changes.

The researchers note that the mathematical problems involved in determining depth in a three-dimensional space from a two-dimensional camera image forms a part of almost all computer vision applications. A similar problem has to be solved whether one is equipping a robot with a 2-D camera "eye" to navigate in the real 3-D world or determining the depth of a liquid from its 2-D image. The researchers used two standard mathematical approaches to solving the problem for the fuel tank and found that one, triangulation, yielded simple, direct solutions that came at low computational cost. Although their computations were performed with a stationary system, they think their approach can be adapted to systems undergoing vibration, turbulence or other displacement.

The researchers conclude that computer vision offers an attractive alternative to the currently available options. They note that their experimental results are available now for studying the feasibility of implementing an actual system that could be incorporated in aircraft, automobiles or other applications.

Cellular Frequency

All cellular phone networks worldwide utilize a portion of the radio frequency spectrum designated as Ultra High Frequency, or "UHF", for the transmission and reception of their signals. The UHF band is also shared with Television, Wi-Fi and Bluetooth transmission. The cellular frequencies are the sets of frequency ranges within the UHF band that have been allocated for cellular phone use.

Due to historical reasons, radio frequencies used for cellular networks differ in the Americas, Europe, and Asia. The first commercial standard for mobile connection in the United States was AMPS, which was in the 800 MHz frequency band. In Europe, the first wide-spread automatic mobile network was based on the NMT-450 standard, which was in the 450 MHz band. As mobile phones became more popular and affordable, mobile providers encountered a problem because they couldn't provide service to the increasing number of customers. They had to develop their existing networks and eventually introduce new standards, often based on other frequencies. The GSM standard, which appeared in Europe to replace NMT-450 and other standards, initially used the 900 MHz band. As demand grew, carriers acquired licenses in the 1800 MHz band. (Generally speaking, lower frequencies allow carriers to provide coverage for a larger area, while higher frequencies allow carriers to provide service to more customers in a given area.)

In the U.S., the analog AMPS standard that used the Cellular band (800 MHz) was replaced by a number of digital systems. Initially, systems based upon the AMPS mobile phone model were popular, including IS-95 (often known as "CDMA", the air interface technology it uses) and IS-136 (often known as D-AMPS, Digital AMPS, or "TDMA", the air interface technology it uses.) Eventually, IS-136 on these frequencies was replaced by most operators with GSM. GSM had already been running for some time on US PCS (1900 MHz) frequencies.

And, some NMT-450 analog networks have been replaced with digital networks utilizing the same frequency. In Russia and some other countries, local carriers received licenses for 450 MHz frequency to provide CDMA mobile coverage.

Many GSM phones support three bands (900/1800/1900 MHz or 850/1800/1900 MHz) or four bands (850/900/1800/1900 MHz), and are usually referred to as tri band and quad band phones, or world phones; with such a phone one can travel internationally and use the same handset. This portability is not as extensive with IS-95 phones, however, as IS-95 networks do not exist in most of Europe.

Mobile networks based on different standards may use the same frequency range; for example, AMPS, D-AMPS, N-AMPS and IS-95 all use the 800 MHz frequency band. Moreover, one can find both AMPS and IS-95 networks in use on the same frequency in the same area that do not interfere with each other. This is achieved by the use of different channels to carry data. The actual frequency used by a particular phone can vary from place to place, depending on the settings of the carrier's base station.

Frequency bands used by GSM

System	Band	Uplink	Downlink	Channel Number
GSM 400	450	450.4 - 457.6	460.4 - 467.6	259 - 293
GSM 400	480	478.8 - 486.0	488.8 - 496.0	306 - 340
GSM 850	850	824.0 - 849.0	869.0 - 894.0	128 - 251
GSM 900 (P-GSM)	900	890.0 - 915.0	935.0 - 960.0	1 - 124
GSM 900 (E-GSM)	900	880.0 - 915.0	925.0 - 960.0	0 - 124, 975 - 1023
GSM-R (R-GSM)	900	876.0 - 880.0	921.0 - 925.0	955 - 973
DCS 1800	1800	1710.0 - 1785.0	1805.0 - 1880.0	512 - 885
PCS 1900	1900	1850.0 - 1910.0	1930.0 - 1990.0	512 - 810

Digital radio

Digital radio describes radio technologies which carry information as a digital signal, by means of a digital modulation method. The most common meaning is digital audio broadcasting technologies, but the topic may also cover TV broadcasting as well as many two-way digital wireless communication technologies. The acronym DAB (Digital Audio Broadcasting) is synonymous with the Eureka 147 standard.

One-way digital radio standards

One-way standards are those used for broadcasting, as opposed to those used for two-way communication. While digital broadcasting offers many potential benefits, its introduction has been hindered by a lack of global agreement on standards. The Eureka 147 standard (DAB) for digital radio is the most commonly used and is coordinated by the World DMB Forum, which represents more than 30 countries. This standard of digital radio technology was defined in the late 1980s, and is now being introduced in many countries. Commercial DAB receivers began to be sold in 1999 and, by 2006, 500 million people were in the coverage area of DAB broadcasts, although by this time sales had only taken off in the UK and Denmark. In 2006 there are approximately 1,000 DAB stations in operation. There have been criticisms of the Eureka 147 standard and so a new 'DAB+' standard has been proposed.

To date the following standards have been defined for one-way digital radio:

• Digital audio broadcasting systems:
• Eureka 147 (branded as DAB)
• 'DAB+'
• FM band in-band on-channel (FM IBOC):
• HD Radio (FM sideband)
• FMeXtra (FM subcarrier)
• AM band in-band on-channel (AM IBOC):
• Digital Radio Mondiale (branded as DRM) for the short, medium and long wave-bands
• Satellite radio:
• WorldSpace in Europe, Asia and Africa
• Sirius in North America
• XM radio in North America
• MobaHo! in Japan and the Republic of (South) Korea
• ISDB-TSB
• Systems also designed for digital TV:
• DMB
• DVB-H
• Low-bandwidth digital data broadcasting over existing FM radio:
• Radio Data System (branded as RDS)
• Radio pagers:
• FLEX
• ReFLEX
• POCSAG
• NTT
• Digital television broadcasting (DTV):
• Digital Video Broadcasting (DVB)
• Integrated Services Digital Broadcasting (ISDB)
• Digital Multimedia Broadcasting (DMB)
• Digital Terrestrial Television (DTTV or DTT) to fixed mainly roof-top antennas:
• DVB-T (based on OFDM modulation)
• ISDB-T (based on OFDM modulation)
• ATSC (based on 8VSB modulation)
• T-DMB
• Mobile TV reception in handheld devices:
• DVB-H (based on OFDM modulation)
• MediaFLO (based on OFDM modulation)
• DMB (based on OFDM modulation)
• Multimedia Broadcast Multicast Service (MBMS) via the GSM Edge and UMTS cellular networks
• [[[DVB-SH]] (based on OFDM modulation)
• Satellite TV:
• DVB-S (for Satellite TV)
• ISDB-S
• 4DTV
• S-DMB
• MobaHo!

See also software radio for a discussion of radios which use digital signal processing.

Two-way digital radio standards

• Digital cellular telephony:
• GSM
• UMTS (sometimes called W-CDMA)
• TETRA
• IS-95 (cdmaOne)
• IS-136 (D-AMPS, sometimes called TDMA)
• IS-2000 (CDMA2000)
• iDEN
• Wireless networking:
• Wi-Fi
• HIPERLAN
• Bluetooth
• ZigBee
• Military radio systems for Network-centric warfare
• JTRS (Joint Tactical Radio System- a flexible software-defined radio)
• SINCGARS (Single channel ground to air radio system)
• Amateur packet radio:
• AX.25
• Digital modems for HF:
• PACTOR
• Satellite radio:
• Satmodems
• Wireless local loop:
• Basic Exchange Telephone Radio Service
• Broadband wireless access:
• IEEE 802.16

Global System for Mobile communications - GSM

In 1982, the European Conference of Postal and Telecommunications Administrations (CEPT) created the Groupe Spécial Mobile (GSM) to develop a standard for a mobile telephone system that could be used across Europe. In 1987, a memorandum of understanding was signed by 13 countries to develop a common cellular telephone system across Europe.

In 1989, GSM responsibility was transferred to the European Telecommunications Standards Institute (ETSI) and phase I of the GSM specifications were published in 1990. The first GSM network was launched in 1991 by Radiolinja in Finland with joint technical infrastructure maintenance from Ericsson. By the end of 1993, over a million subscribers were using GSM phone networks being operated by 70 carriers across 48 countries.

GSM is a cellular network, which means that mobile phones connect to it by searching for cells in the immediate vicinity. GSM networks operate in four different frequency ranges. Most GSM networks operate in the 900 MHz or 1800 MHz bands. Some countries in the Americas use the 850 MHz and 1900 MHz bands because the 900 and 1800 MHz frequency bands were already allocated.

The rarer 400 and 450 MHz frequency bands are assigned in some countries, notably Scandinavia, where these frequencies were previously used for first-generation systems.

In the 900 MHz band the uplink frequency band is 890–915 MHz, and the downlink frequency band is 935–960 MHz. This 25 MHz bandwidth is subdivided into 124 carrier frequency channels, each spaced 200 kHz apart. Time division multiplexing is used to allow eight full-rate or sixteen half-rate speech channels per radio frequency channel. There are eight radio timeslots (giving eight burst periods) grouped into what is called a TDMA frame. Half rate channels use alternate frames in the same timeslot. The channel data rate is 270.833 kbit/s, and the frame duration is 4.615 ms.

The transmission power in the handset is limited to a maximum of 2 watts in GSM850/900 and 1 watt in GSM1800/1900.

GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 5.6 and 13 kbit/s. Originally, two codecs, named after the types of data channel they were allocated, were used, called Half Rate (5.6 kbit/s) and Full Rate (13 kbit/s). These used a system based upon linear predictive coding (LPC). In addition to being efficient with bitrates, these codecs also made it easier to identify more important parts of the audio, allowing the air interface layer to prioritize and better protect these parts of the signal.

GSM was further enhanced in 1997 with the Enhanced Full Rate (EFR) codec, a 12.2 kbit/s codec that uses a full rate channel. Finally, with the development of UMTS, EFR was refactored into a variable-rate codec called AMR-Narrowband, which is high quality and robust against interference when used on full rate channels, and less robust but still relatively high quality when used in good radio conditions on half-rate channels.

There are five different cell sizes in a GSM network—macro, micro, pico, femto and umbrella cells. The coverage area of each cell varies according to the implementation environment. Macro cells can be regarded as cells where the base station antenna is installed on a mast or a building above average roof top level. Micro cells are cells whose antenna height is under average roof top level; they are typically used in urban areas. Picocells are small cells whose coverage diameter is a few dozen meters; they are mainly used indoors. Femtocells are cells designed for use in residential or small business environments and connect to the service provider’s network via a broadband internet connection. Umbrella cells are used to cover shadowed regions of smaller cells and fill in gaps in coverage between those cells.

Cell horizontal radius varies depending on antenna height, antenna gain and propagation conditions from a couple of hundred meters to several tens of kilometers. The longest distance the GSM specification supports in practical use is 35 kilometres (22 mi). There are also several implementations of the concept of an extended cell, where the cell radius could be double or even more, depending on the antenna system, the type of terrain and the timing advance.

Indoor coverage is also supported by GSM and may be achieved by using an indoor picocell base station, or an indoor repeater with distributed indoor antennas fed through power splitters, to deliver the radio signals from an antenna outdoors to the separate indoor distributed antenna system. These are typically deployed when a lot of call capacity is needed indoors, for example in shopping centers or airports. However, this is not a prerequisite, since indoor coverage is also provided by in-building penetration of the radio signals from nearby cells.

The modulation used in GSM is Gaussian minimum-shift keying (GMSK), a kind of continuous-phase frequency shift keying. In GMSK, the signal to be modulated onto the carrier is first smoothed with a Gaussian low-pass filter prior to being fed to a frequency modulator, which greatly reduces the interference to neighboring channels (adjacent channel interference).

Network structure

The network behind the GSM system seen by the customer is large and complicated in order to provide all of the services which are required. It is divided into a number of sections and these are each covered in separate articles.

• the Base Station Subsystem (the base stations and their controllers).
• the Network and Switching Subsystem (the part of the network most similar to a fixed network). This is sometimes also just called the core network.
• the GPRS Core Network (the optional part which allows packet based Internet connections).
• all of the elements in the system combine to produce many GSM services such as voice calls and SMS.

Subscriber Identity Module

One of the key features of GSM is the Subscriber Identity Module (SIM), commonly known as a SIM card. The SIM is a detachable smart card containing the user's subscription information and phonebook. This allows the user to retain his or her information after switching handsets. Alternatively, the user can also change operators while retaining the handset simply by changing the SIM. Some operators will block this by allowing the phone to use only a single SIM, or only a SIM issued by them; this practice is known as SIM locking, and is illegal in some countries.

In Australia, Canada, Europe and the United States many operators lock the mobiles they sell. This is done because the price of the mobile phone is typically subsidised with revenue from subscriptions, and operators want to try to avoid subsidising competitor's mobiles. A subscriber can usually contact the provider to remove the lock for a fee, utilize private services to remove the lock, or make use of ample software and websites available on the Internet to unlock the handset themselves. While most web sites offer the unlocking for a fee, some do it for free. The locking applies to the handset, identified by its International Mobile Equipment Identity (IMEI) number, not to the account (which is identified by the SIM card). It is always possible to switch to another (non-locked) handset if such a handset is available.

Some providers will unlock the phone for free if the customer has held an account for a certain time period. Third party unlocking services exist that are often quicker and lower cost than that of the operator. In most countries, removing the lock is legal. United States-based T-Mobile provides free unlocking services to their customers after 3 months of subscription.

GSM security

GSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using a pre-sharedkey and challenge-response. Communications between the subscriber and the base station can be encrypted. The development of UMTS introduces an optional USIM, that uses a longer authentication key to give greater security, as well as mutually authenticating the network and the user - whereas GSM only authenticated the user to the network (and not vice versa). The security model therefore offers confidentiality and authentication, but limited authorization capabilities, and no non-repudiation.

GSM uses several cryptographic algorithms for security. The A5/1 and A5/2 stream ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger algorithm used within Europe and the United States; A5/2 is weaker and used in other countries. A large security advantage of GSM over earlier systems is that the cryptographic key stored on the SIM card is never sent over the wireless interface. Serious weaknesses have been found in both algorithms, however, and it is possible to break A5/2 in real-time in a ciphertext-only attack. The system supports multiple algorithms so operators may replace that cipher with a stronger one.

Radio Frequency Standard

Radio frequency (RF) is a frequency or rate of oscillation within the range of about 3 kHz to 300 GHz. This range corresponds to frequency of alternating current electrical signals used to produce and detect radio waves. Since most of this range is beyond the vibration rate that most mechanical systems can respond to, RF usually refers to oscillations in electrical circuits or electromagnetic radiation.

Name	Range	Wavelength	Application
Extremely Low Frequency (ELF)	a3 ~ 30 Hz	k 10,000 km ~ 100,000 km	Submarines communication.
Super Low Frequency (SLF)	b30 ~ 300 Hz	j 1,000 km ~ 10,000 km	AC power (50Hz, 60Hz).
Ultra Low Frequency (ULF)	c300 Hz ~ 3 kHz	i 100 ~ 1000 km	Communications with mines.
Very Low Frequency (VLF)	d3 ~ 30 kHz	h 10 ~ 100 km	Audible range 20-20 kHz.
Low Frequency (LF)	e30 ~ 300 kHz	g 1 ~ 10 km	1. International broadcasting. 2. Navigational beacons.
Medium Frequency (MF or MW)	f300 ~ 3000 kHz	f 100 m ~ 1 km	AM broadcasting.
High Frequency (HF or SW)	g3 ~ 30 MHz	e 10 ~ 100 m	Shortwave.
Very High Frequency (VHF)	h30 ~ 300 MHz	d 1 ~ 10 m	1. FM broadcasting. 2. Broadcast television. 3. Aviation.
Ultra High Frequency (UHF)	i300 ~ 3000 MHz	c 10 ~ 100 cm	1. Broadcast television. 2. Mobile telephones. 3. Wireless networking. 4. Microwave ovens.
Super High Frequency (SHF)	j3 ~ 30 GHz	b 1 ~ 10 cm	1. Wireless networking. 2. Radar. 3. Satellite links.
Extremely High Frequency (EHF)	k30 ~ 300 GHz	a 1 ~ 10 mm	1. Microwave data links 2. Radio astronomy. 3. Remote sensing. 4. Advanced weapons systems. 5. Advanced security scanning

Digital Television Technology - DTV

Digital television (DTV) refers to the sending and receiving of moving images and sound by means of discrete (digital) signals, in contrast to the analog signals used by analog TV.

Digital television is more flexible and efficient than analog television. When properly used by broadcasters, digital television allows higher-quality images and sound and more programming choices than analog does. However, although DTV allows for superior technical quality, a digital signal does not necessarily carry a higher-quality image or sound than an analog signal.

Formats and bandwidth

In current practice, high-definition television (HDTV), which is usually used over DTV, uses one of two formats: 1280 × 720 pixels in progressive scan mode (abbreviated 720p) or 1920 × 1080 pixels in interlace mode (1080i). Each of these utilizes a 16:9 aspect ratio. (Some televisions are capable of receiving an HD resolution of 1920 × 1080 at a 60 Hz progressive scan frame rate — known as 1080p60 — but this format is not standard and no broadcaster is able to transmit these signals over the air at acceptable quality yet.)

Standard definition TV, by comparison, may use one of several different formats taking the form of various aspect ratios, depending on the technology used in the country of broadcast. For 4:3 aspect-ratio broadcasts, the 640 × 480 format is used in NTSC countries, while 720 × 576 (rescaled to 768 × 576) is used in PAL countries. For 16:9 broadcasts, the 704 × 480 (rescaled to 848 × 480) format is used in NTSC countries, while 720 × 576 (rescaled to 1024 × 576) is used in PAL countries. However, broadcasters may choose to reduce these resolutions to save bandwidth (e.g., many DVB-T channels in the United Kingdom use a horizontal resolution of 544 or 704 pixels per line).The perceived quality of such programming is surprisingly acceptable because of interlacing—the effective vertical resolution is halved to 288 lines.

Each DTV channel is permitted to be broadcast at a data rate up to 19 megabits per second, or 2.375 megabytes per second. However, the broadcaster does not need to use this entire bandwidth for just one broadcast channel. Instead the broadcast can be subdivided across several video subchannels of varying quality and compression rates, including non-video datacasting services that allow one-way high-bandwidth streaming of data to computers.

A broadcaster may opt to use a standard-definition digital signal instead of an HDTV signal, because current convention allows the bandwidth of a DTV channel (or "multiplex") to be subdivided into multiple subchannels, providing multiple feeds of entirely different programming on the same channel. This ability to provide either a single HDTV feed or multiple lower-resolution feeds is often referred to as distributing one's "bit budget" or multicasting. This can sometimes be arranged automatically, using a statistical multiplexer (or "stat-mux"). With some implementations, image resolution may be less directly limited by bandwidth; for example in DVB-T, broadcasters can choose from several different modulation schemes, giving them the option to reduce the transmission bitrate and make reception easier for more distant or mobile viewers.

Compression artifacts and allocated bandwidth

DTV images have some picture defects that are not present on analog television or motion picture cinema, because of present-day limitations of bandwidth and compression algorithms such as MPEG-2.

When a compressed digital image is compared with the original program source, some hard-to-compress image sequences may have digital distortion or degradation. For example:

• quantization noise,
• incorrect color,
• blockiness,
• a blurred, shimmering haze.

Broadcasters attempt to balance their needs to show high quality pictures and to generate revenue by using a fixed bandwidth allocation for more services.

Buffering and preload delay

Unlike analog televisions, digital televisions have a significant delay when changing channels, making "channel surfing" more difficult.

Different devices need different amounts of preload time to begin showing the broadcast stream, resulting in an undesirable and annoying audio echo effect when two televisions in adjacent rooms of a house are tuned to the same channel.

Code Division Multiple Access - CDMA

CDMA2000 is a hybrid 2.5G / 3G technology of mobile telecommunications standards that use CDMA, a multiple access scheme for digital radio, to send voice, data, and signalling data (such as a dialed telephone number) between mobile phones and cell sites. CDMA2000 is considered a 2.5G technology in 1xRTT and a 3G technology in EVDO.

CDMA (code division multiple access) is a mobile digital radio technology where channels are defined with codes (PN sequences). So every user have self code when connected into network. CDMA permits many simultaneous transmitters on the same frequency channel, unlike TDMA (time division multiple access), used in GSM and D-AMPS, and FDMA, used in AMPS ("analog" cellular). Since more phones can be served by fewer cell sites, CDMA-based standards have a significant economic advantage over TDMA- or FDMA-based standards.

CDMA2000 has a relatively long technical history, and remains compatible with the older CDMA telephony methods (such as cdmaOne) first developed by Qualcomm, a commercial company, and holder of several key international patents on the technology.

The CDMA2000 standards CDMA2000 1xRTT, CDMA2000 EV-DO, and CDMA2000 EV-DV are approved radio interfaces for the ITU's IMT-2000 standard and a direct successor to 2G CDMA, IS-95 (cdmaOne). CDMA2000 is standardized by 3GPP2.

CDMA2000 is a registered trademark of the Telecommunications Industry Association (TIA-USA) in the United States, not a generic term like CDMA. (This is similar to how TIA has branded their 2G CDMA standard, IS-95, as cdmaOne.)

CDMA2000 is an incompatible competitor of the other major 3G standard UMTS. It is defined to operate at 450 MHz, 700 MHz, 800 MHz, 900 MHz, 1700 MHz, 1800 MHz, 1900 MHz, and 2100 MHz.

Below are the different types of CDMA2000, in order of increasing complexity:

Mikrotik RouterOS

MikroTik RouterOS™ adalah sistem operasi dan yang dapat digunakan untuk menjadikan komputer manjadi router network yang handal, mencakup berbagai fitur lengkap untuk network dan wireless, salah satunya adalah bandwidth manajemen. Berikut settingnya.

Install Mikrotik OS (Windows based)

1. Siapkan PC.

2. Server PC harus memiliki 2 ethernet, untuk internet dan lokal network.

3. Masukkan CD Installasi.

4. Install paket2 utama, mark semua list paket.

5. Kemudian tekan "I" untuk install.

6. Setelah diinstall beres, PC akan restart kemudian muncul tampilan login.

Setting Mikrotik

Langkah awal konfigurasi mikrotik adalah setting IP, untuk memudahkan proses konfigurasi

1. Login sebagai admin [tidak pakai password].

2. Setelah masuk ke promt ketikkan command:

[admin@Sys] > ip address add address=222.124.21.26/29 interface=ether1

3. Ubah IP address anda dan interface yg digunakan untuk remote.

4. Cek koneksi dengan melakukan ping.

5. Akses IP mikrotik melalui browser.

6. Klik link Download it untuk download winbox yg digunakan untuk remote mikrotik secara GUI.

7. Jalankan winbox, login sebagai admin.

8. Tambahkan interface yg belum ada dengan mengklik tanda + pada menu interface.

Setting Bandwidth limiter

1. Klik menu IP | Firewall | Magle

Buat rule dengan parameter sbb:

Pada tab General:

Chain=forward,

Src.address=192.168.0.2 (IP di limit)

Pada tab Action :

Action = mark connection,

New connection mark=netcon (Nama koneksi kita)

Klik OK.

Buat rule lagi dengan parameter sbb:

Pada tab General:

Chain=forward,

Connection mark=netcon (Dropdown menu)

Pada tab Action:

Action=mark packet,

New pcket Mark=net (Nama paket)

Klik OK.

2. Klik menu Queues | Queues Tree

Buat rule dengan parameter sbb:

Pada tab General:

Name=net-downstrem

Parent=ether2 (Interface ke arah Internet)

Paket Mark=net

Queue Type=default

Priority=8

Limit At=8k (Min Bandwidth)

Max limit=64k (Brustable Bandwith)

Klik Ok.

Buat rule lagi dengan parameter sbb:

Pada tab General:

Name=net-Upstrem

Parent=ether1 (Interface ke Local Network)

Paket Mark=net

Queue Type=default

Priority=8

Limit At=8k (Mminimum Upstream Bandwidth)

Max limit=64k (Brustable Bandwith)

Klik Ok

Have a nice try..

VPN Configuration – PPTP

· Download & install source (in this method use RPM Package, but for configuration same with another distro)

· Next, edit file /etc/pptp.conf

option /etc/ppp/options.pptpd
localip [IP Interface that connect to LAN]
remoteip [IP for your client, ex:192.168.0.101-103]

· Edit file /etc/ppp/options.pptpd like this,

lock
nopcomp
noauth
debug
defaultroute
name pptpd
proxyarp
asyncmap 0
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
allow-ip [ip_remote_yg_boleh mengakses]

ms-dns [DNS Local Server]
ms-wins [WINS Local Server]

proxyarp
debug
dump
lock
nobsdcomp

logfile /var/log/pptp.log

· Open the Firewall for TCP port 1723 dan PROTO GRE

-A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT

Use the EAP-TLS (MSCHAP2) for the authentification.

VPN Configuration – OpenVPN

This OpenVPN configuration use SSL mode.

1. Download from http://openvpn.org.

2. This installation running in console.

3. Then type make and make install, and go to easy-rsa directory. Then type,
export D=/etc/openvpn
export KEY_CONFIG=$D/openssl.cnf
export KEY_DIR=$D/keys
export KEY_SIZE=1024
export KEY_COUNTRY=ID
export KEY_PROVINCE="Province"
export KEY_CITY="Your City"
export KEY_ORG="[Your Organization]"
export KEY_EMAIL="Your Email"
export KEY_COMMON="[Your Host]"

4. Copy openssl.cnf from easy-rsa directory to /etc/openvpn

5. Run “./clean-all” from easy-rsa directory.

6. Run “./build-ca”

7. Run “./build-key-server server”

8. Run “./build-key client” and then run “./build-key client2″, depend on how many client that connect to your VPN Server.

9. Run “./build-dh”.

10. Make file /etc/openvpn/server.conf

port [TCP or UDP port for tunneling, ex : 1234]
proto [UDP/TCP]
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
server [network & subnet for client, ex:192.168.0.0 255.255.255.0]
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 2
dev tun
push "[Route of IP, ex: route 202.155.0.0 255.255.255.0]"
keepalive 10 120
comp-lzo

11. For client, copy “ca.crt”, “client.key” and “client.crt” file that generated to your client.

VPN Configuration – IPSec

This VPN configuration use FreeSWAN software. There 2 kinds of FreeSWAN, OpenSWAN and StrongSWAN.

· Download and Install (in this method use RPM Package, but for configuration same with another distro)

· Edit /etc/ipsec.conf file,

version 2.0
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
nat_traversal=yes

· Add this script into ipsec.conf file
conn vpn-ipsec
authby=secret
pfs=no
left=[IP Client]
right=[IP Interface to Client]
rightsubnet=[subnet]
auto=add
keyingtries=0

*) rightsubnet used to HOST-to-Network connection. If it Host-to-Host you didn’t configure this script.

· Create /etc/ipsec.secrets file to save presharedkey or certificate

: PSK "[password]"
: RSA {
# RSA 2192 bits
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=0sAQ......
Modulus: 0xa0........
PublicExponent: 0x03
# everything after this point is secret
PrivateExponent: 0x1a....
}
[Client IP] [Server IP]: PSK "[password]"

· Open the Firewall for UDP port 500 dan PROTO ESP

-A INPUT -i eth0 -p udp --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT