Always Connecting a Single USB Device to a Windows Guest in a VMware Player Running on a Linux Host

There are multiple ways to do much of this.  I'm going to explain some.  I'm going to say 'iPhone,' because that is the USB device I'm going to connect.  You can do something VERY similar for other USB devices.  In these instructions, all commands, editing, files, etc. are on the Linux host, unless specifically designated otherwise.

Note that VID (or vid) is short for Vendor ID, and PID (or pid) is short for Product ID.

The first thing you have to do is to find the necessary information about your USB device.  Here are two methods.

Method 1

  1. Make sure your VM is running.  Plug in your iPhone.
  2. Using either the VMware menus or the VMware icon for your iPhone, connect your iPhone to your VM manually.
  3. Open a Terminal session in the folder where your VM's .vmx file lives. Execute this command:
    • grep -i usb vmware.log | grep -i device | more
  4. Find the lines for your iPhone.  One will contain (in part) something resembling:
USB: Found device [name:Apple\ iPhone vid:05ac pid:1294 path:2/1/1 speed:high family:vendor,imaging]

Note the values for vid and pid (0x05ac and 0x1294 -- they are hex).

 

Method 2

At a bash prompt, run:

  • lsusb

You're going to examine the output from lsusb, until you find the information for your iPhone.  I found something like:

Bus 002 Device 008: ID 05ac:1294 Apple, Inc. iPhone 3GS

Basically, this tells me that I have an iPhone plugged into a specific USB port (bus 2, device 8).  After the "ID" it provides the vid and the pid (0x5ac and 0x1294).

I confirmed that I had the right values by taking the bus number (2) and the device number (8) from the output, and I ran:

lsusb -v -s 2:8 | more

This tells lsusb to show me all the details about the device on bus 2, device 8.  I'm not going to show you all of that output, but the important information was:

  idVendor           0x05ac Apple, Inc.
  idProduct          0x1294 iPhone 3GS

So my VID is 0x05ac, and my PID is 0x1294.

After Method 1 or Method 2:

Power down the VM, and edit the .vmx file.  Add a line which resembles the following.  (If you already have usb.autoConnect.device0, use device1; if you have device1, use device2; etc.)

usb.autoConnect.device0 = "0x5ac:0x1294"

Of course, if you're using a different device than my iPhone 3GS, substitute your vid:pid values.

 This is supposed to connect the iPhone when the VM starts, if the iPhone is already plugged into the host.  It doesn't do that for me.  What it does do is to connect my iPhone to the VM if the VM is running when I plug in the iPhone.
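The two lookups above and the device-numbering rule can be combined into one helper. This is an added example, not part of the original instructions: the function names are assumptions made for illustration, and the root-hub lsusb line and the existing device0 entry in the sample .vmx are constructed sample data.

```python
import re

# Line formats shown on this page:
#   lsusb:      Bus 002 Device 008: ID 05ac:1294 Apple, Inc. iPhone 3GS
#   vmware.log: USB: Found device [name:Apple\ iPhone vid:05ac pid:1294 path:2/1/1 ...]
LSUSB_RE = re.compile(r"\bID ([0-9a-fA-F]{4}):([0-9a-fA-F]{4})(?:[ \t]+(.*))?")
VMLOG_RE = re.compile(
    r"Found device \[name:(.*?)\s+vid:([0-9a-fA-F]{4})\s+pid:([0-9a-fA-F]{4})\b")
AUTOCONNECT_RE = re.compile(
    r'^\s*usb\.autoConnect\.device(\d+)\s*=\s*"([^"]*)"',
    re.IGNORECASE | re.MULTILINE)

# Sample input. The iPhone lines are the ones quoted on this page; the root
# hub line and the device0 entry are constructed for the example.
SAMPLE_LSUSB = """\
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 008: ID 05ac:1294 Apple, Inc. iPhone 3GS
"""
SAMPLE_VMLOG = (r"USB: Found device [name:Apple\ iPhone vid:05ac pid:1294 "
                r"path:2/1/1 speed:high family:vendor,imaging]")
SAMPLE_VMX = 'usb.present = "TRUE"\nusb.autoConnect.device0 = "0x46d:0xc52b"\n'


def find_devices(text):
    """Return [(vid, pid, name)] from lsusb output or vmware.log lines.

    vid and pid are ints; each vid:pid pair is reported once, in first-seen order.
    """
    found = []
    for line in text.splitlines():
        m = VMLOG_RE.search(line)
        if m:
            # vmware.log escapes spaces in the device name as "\ "
            name, vid, pid = m.group(1).replace("\\ ", " "), m.group(2), m.group(3)
        else:
            m = LSUSB_RE.search(line)
            if not m:
                continue
            vid, pid, name = m.group(1), m.group(2), (m.group(3) or "").strip()
        entry = (int(vid, 16), int(pid, 16), name)
        if entry[:2] not in [f[:2] for f in found]:
            found.append(entry)
    return found


def pinned(vmx_text):
    """Map device index -> (vid, pid) for existing usb.autoConnect.deviceN lines."""
    out = {}
    for idx, value in AUTOCONNECT_RE.findall(vmx_text):
        try:
            vid, pid = (int(part, 16) for part in value.split(":"))
        except ValueError:
            vid = pid = None  # unrecognised value: keep the index reserved
        out[int(idx)] = (vid, pid)
    return out


def autoconnect_line(vmx_text, vid, pid):
    """Return the .vmx line to add for vid:pid, or None if it is already there."""
    existing = pinned(vmx_text)
    if (vid, pid) in existing.values():
        return None
    index = 0
    while index in existing:  # device0 taken -> device1, and so on
        index += 1
    return 'usb.autoConnect.device%d = "0x%x:0x%x"' % (index, vid, pid)


if __name__ == "__main__":
    for vid, pid, name in find_devices(SAMPLE_LSUSB):
        if "iphone" in name.lower():
            print(autoconnect_line(SAMPLE_VMX, vid, pid))
```

Because the line names one exact vid:pid pair, only that device is handed to the guest automatically; other USB devices stay with the host unless you connect them by hand.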

Quicken 2011 Deluxe With WINE (Crossover Impersonator) on Ubuntu 10.10 (Maverick Meerkat)

I wanted to use Quicken 2011 under Crossover Impersonator. I’m running Ubuntu 10.10 (Maverick Meerkat). I was getting black buttons, black graphs and black charts. I had installed Quicken using the generic Codeweavers install for Quicken 2011. It is a ‘supported application.’

Comparing Quicken running in a VM with Quicken under WINE, I noticed that everything that was rendered in black under WINE, had shading to make it look 3D in the VM. Using a native GDIplus.dll solved the problem.

Here’s the full Quicken 2011 install:

  1. Application -> Crossover -> Install Windows Software
  2. Choose Quicken 2011 under Supported Applications
  3. Select an Installer -> Choose an Installer Folder -> Browse to your Quicken CD (or folder where you copied the CD)
  4. Run the install. Do NOT launch Quicken at the end of the install.
  5. Browse (Nautilus) to ~/.cxoffice/Quicken 2011/drive_c/windows/system32
  6. Rename gdiplus.dll to gdiplus-hidden.dll
  7. Copy a real (Microsoft) gdiplus.dll to ~/.cxoffice/Quicken 2011/drive_c/windows/system32
    • I've got a folder named windows-patches-and-MS-add-ons, where I keep all sorts of DLLs like this one.
  8. Application -> Crossover -> Manage Bottles
  9. Select the Quicken 2011 bottle ->Control Panel -> Wine Configuration and press Launch Selected Item
  10. In the Applications tab, select qw.exe
  11. Set Windows Version to Windows 7, and press Apply.
  12. On the Libraries tab, select "gdiplus (builtin)" in the Existing Overrides section, and press Edit
  13. Set the gdiplus override to "native, then builtin"
  14. Save everything, and run Quicken.
  15. When you get to the registration prompt, choose "Register Later"
  16. While holding control-shift, choose Tools/One-step Update. Quicken will promise never to nag about registration again.

Linux/OSX - Printing to Unsupported Printers (e.g. Canon MF5770)

Some printers cannot be used directly from Linux or OS X. These are typically budget printers, which do lots of GDI print processing in a Windows driver, and they speak only a proprietary protocol.

This story tells how to use a Windows-only printer from Linux and OS X. I use this with my Canon MF5770, but the general process works for almost any Windows based printer.

Getting Started

You’ll need a copy of Windows 2000/XP/Vista/Windows 7, running on a real machine, or in a VM. VMware or VirtualBox (vbox) will work. This virtual/physical machine can be on another computer on your LAN; it need not be on the machine from which you want to print.

Sadly, none of this is going to work with WINE or Crossover. You’ll need a real copy of Windows running in a VM or on a physical machine.

Get the printer working from Windows before proceeding.

Install Ghostscript and RedMon

This is all done on the Windows machine that can print to the Windows-only printer.

  1. Download Ghostscript from http://pages.cs.wisc.edu/~ghost/doc/GPL/gpl864.htm. You'll want to select the 32-bit or the 64-bit .exe file, to match your Windows edition. I used version 8.64, but newer versions should work too.
  2. Install Ghostscript
  3. Install GSview. There's a link to it from the Ghostscript page mentioned above.
  4. Install RedMon EE.
  5. Set up RedMon:
    • Redirect this port to the program: C:\Program Files\Ghostgum\gsview\gsprint.exe
    • Arguments for this program are: -printer "Your Windows Printer Name Here" -copies 1 -
      • Don't miss the trailing dash on the arguments!
      • "Your Windows Printer Name Here" should be the name of the printer that works from Windows. This is the printer name you see when you open Start -> Printers and Faxes.
    • Output: Program handles output

Set Up Virtual PostScript printer

This is all done on the Windows machine that can print to the Windows-only printer.

  1. Using Windows add-a-printer dialog, add an "AppleLaserwriter 12/640 PS" printer.
  2. Set it to print to local port "RPT1: Redirected Port"
  3. Share this Printer

Using the Virtual PostScript Printer

You’ve got a shared Windows PostScript printer on your network. On your Linux or OS X machine, connect to the shared printer, use an AppleLaserwriter 12/640 PS driver (or a generic PostScript driver, if you don’t have this exact driver).

When you print to the shared PS printer, RedMon captures the PostScript data, sends it through Ghostscript, and Ghostscript prints it to the Windows-only printer. The printer is a little slow to start, since the ENTIRE document has to get processed from whatever, into PostScript, into GDI, and spooled on the Windows machine, before printing starts. But it works.

If your printer is a printer/scanner (e.g. Canon MF5770), you can connect the scanner to the VM, and have the VM save scanned images to a shared folder, and your Linux/OS X machine can collect the scanned images from there. If your scanner needs buttons pushed in Windows (e.g. answering prompts such as “Do you want to save this document?”), you can automate this using PTFB or AutoHotkey.

Sharing Files From a VirtualBox Guest To The Host Using NAT Adapter

I wanted to set up a Windows XP Guest, and have it share its files TO the host, using Windows networking (a.k.a. SMB, a.k.a. CIFS), via the VirtualBox NAT interface. (I'm using Portable-Virtualbox, and it supports ONLY the NAT adapter.) This IS possible. I've done it. Here's how.

  1. In the guest, assign its adapter the permanent address of 10.0.2.15.
  2. Give it a net mask of 255.255.255.0. (Otherwise, if you use 10.0.0.1 for your host loopback, you've got a problem.)
    • You can use another address, but you'll have to consistently substitute your other address EVERYWHERE I use this one.
  3. Create a Loopback adapter in the host.  (See http://www.kleinfelter.com/loopback-adapter-xp for details.)
  4. Configure the Loopback adapter
    1. Enable Client for Microsoft Networks.
    2. Disable File and Printer Sharing for Microsoft Networks.
    3. Enable Internet Protocol (TCP/IP)
    4. Click on properties for TCP/IP
    5. Assign the address 10.0.0.1.
      • You can use another address, such as 192.168.2.2, but you'll have to consistently substitute your other address EVERYWHERE I use this one.
    6. From Advanced->WINS:
      1. Enable LMHosts Lookup
      2. Disable NetBIOS over TCP/IP
    7. Enter 9999 for the interface metric.
  5. Start VirtualBox and define the following port-forwarding rules for the NAT adapter
    1. 10.0.0.1, TCP port 135 to 10.0.2.15, same port
    2. 10.0.0.1, UDP port 135 to 10.0.2.15, same port
    3. 10.0.0.1, TCP port 136 to 10.0.2.15, same port
    4. 10.0.0.1, UDP port 136 to 10.0.2.15, same port
    5. 10.0.0.1, TCP port 137 to 10.0.2.15, same port
    6. 10.0.0.1, UDP port 137 to 10.0.2.15, same port
    7. 10.0.0.1, TCP port 138 to 10.0.2.15, same port
    8. 10.0.0.1, UDP port 138 to 10.0.2.15, same port
    9. 10.0.0.1, TCP port 139 to 10.0.2.15, same port
    10. 10.0.0.1, UDP port 139 to 10.0.2.15, same port
    11. 10.0.0.1, TCP port 445 to 10.0.2.15, same port
    12. 10.0.0.1, UDP port 445 to 10.0.2.15, same port
  6. Exit VirtualBox
  7. Reboot the host
  8. Start VirtualBox, and start your guest.
  9. Inside the guest, share your C-drive as "C".
  10. In the host, Start->Run, and enter \\10.0.0.1\C

Note: You can dispense with setting up the Loopback adapter, but it is awkward. Here’s how:

  1. Don't create a loopback adapter. (Or you can ignore the one you set up.)
  2. Set up the VirtualBox port forwarding as above, using "127.0.0.9" instead of "10.0.0.1"
  3. Instead of Start->Run with \\10.0.0.1, you'll use \\127.0.0.9, but BEFORE YOU DO SO
    • From a Command prompt, enter "net stop server"

You have to do this in order to disconnect the host’s SMB/CIFS (file server) protocol from 127.0.0.*. When you used a virtual Loopback adapter (which you assigned to 10.0.0.1), you disconnected the file server protocol from the adapter when you followed the “Disable File and Printer Sharing for Microsoft Networks” instruction above. Since the 127.*.*.* address range doesn’t show up in Network Connections as an adapter, you have to stop (or uninstall) the file sharing service.

Conveniently, once you’ve connected to the guest via 127.0.0.9, you can enter “net start server” and re-start file sharing on the host, without losing your connection to the guest.

Note: If you are using McAfee Host Intrusion Prevention on your host machine, here are some extra steps to do before you Start->Run and \\whatever:

  1. Right-click on the "M" in a shield in the Windows "notification" area.
  2. Select "Manage Features"
  3. Select "McAfee Host Intrusion Prevention"
  4. Select "Disable Firewall"

After you’ve connected to the guest, follow the instructions for disabling the firewall, but in the last step select “Restore Settings” instead of “Disable Firewall”.

Somewhat Portable VirtualBox 4.x

I'd like to have a zero-install, Windows, virtual machine environment.  In theory, this would let me run my OS and desktop environment on any Windows computer, without installing the VM software.

There is a fundamental reason why this can't happen 100%.  The VM has to be able to handle the situation when the virtual computer attempts to execute ring-0 (privileged mode) instructions.  You have to install a device driver or a Windows service in order to be able to handle the interrupt/trap.  There is also the issue of getting your network to work.  Many VMs handle this by creating a TUN/TAP virtual adapter in the host.

You can get close to zero-install with VirtualBox.  For starters, you don't have to create the TAP virtual adapter in the host.  For a VirtualBox NAT adapter, VirtualBox does not provide the full TCP/IP stack to the VM.  Essentially, it provides a TCP (only) proxy.  While this breaks things like 'ping', it means you don't need a virtual host adapter in order to do networking from the guest.

  1. First, download VirtualBox-4.0.0-69151-Win.exe from VirtualBox.org.  Run it, but just go as far as the Welcome screen.
  2. Start/Run "msiexec /a %TMP%\VirtualBox\VirtualBox-4.0.0-r69151-MultiArch_x86.msi /qb TARGETDIR=%TMP%\vbox4"
  3. You'll then find all of the files for VirtualBox in %TMP%\vbox4\PFiles\Oracle VM VirtualBox.
  4. Copy them to S:\pvb-4.0.0\  (where S: is the drive letter for your "portable applications" drive).
  5. Download the USB extensions from VirtualBox.org, and install them using the VBox GUI.  They make no registry changes and they just extract the files into subdirectories of S:\pvb-4.0.0
SET pvbroot=S:\pvb-4.0.0
SET datadir=S:\pvb-4.0.0\pvb-data
S:

cd %pvbroot%
mkdir %datadir% 2>nul:

SET VBOX_USER_HOME=%datadir%\.VirtualBox

REM This service *has* to be loaded.  It manages the client's attempts to go to ring 0 (supervisor mode).
sc create pvboxdrv binpath= %pvbroot%\drivers\vboxdrv\vboxdrv.sys type= kernel start= demand error= normal displayname= pvboxdrv

REM USB support.  You don't have to use this service, but if you don't use it, 
REM the virtual machine won't have access to *physical* USB devices (just virtual ones).
sc create VBoxUSBMon binpath= %pvbroot%\drivers\USB\filter\VBoxUSBMon.sys type= kernel start= demand error= normal displayname= PortableVBoxUSBMon

sleep 5
REM The VirtualBox COM server
%pvbroot%\VBoxSVC.exe /reregserver

sleep 5
REM Client-side COM library. All COM objects that live on the client side
REM (i.e. inside the VM execution process) are contained in this file. So IConsole and friends go there. 
regsvr32.exe /S %pvbroot%\VBoxC.dll

sleep 5
REM Load the "VirtualBox Portable Runtime (IPRT)"
rundll32 %pvbroot%\VBoxRT.dll,RTR3Init

REM Start the ring-0 driver
sc start pvboxdrv

REM Start USB.  (Comment this out if you don't create the service.)
sc start VBoxUSBMon

Sleep 3
REM Start the GUI
%pvbroot%\VirtualBox.exe


REM Count off seconds before you let it continue.  If you don't, you'll find that you have to reboot before you can run again.
sleep 5

REM Stop the ring-0 service
sc stop pvboxdrv

REM Stop the USB service
sc stop VBoxUSBMon

sleep 5




REM Make sure it is really stopped
sc query pvboxdrv
sc query VBoxUSBMon
sleep 9

REM Remove the VirtualBox COM service, i.e. all COM objects that live outside the VM process.
%pvbroot%\VBoxSVC.exe /unregserver


REM Remove Client-side COM library. All COM (or XPCOM) objects that live on the client side 
REM (i.e. inside the VM execution process) are contained in this file. So IConsole and friends go there. 
regsvr32.exe /S /U %pvbroot%\VBoxC.dll

sleep 3
sc delete pvboxdrv
sc delete VBoxUSBMon


echo.
echo All done
sleep 9

A troubleshooting tip – For a little while, I was having trouble with the service going into a stop_pending state from which it never exited. This caused the "sc delete" to fail because you can’t delete a running service. I think this was caused by a previous install of VirtualBox that left some bits behind. I deleted the various vbox* files from C:\Windows\System32 (and similar folders), and I scrubbed all vbox and virtualbox entries from the registry, rebooted, and it started working.

Making Evernote 4 Into a Portable App

Building on my prior story, I decided to try and create a Portable App launcher for Evernote. The process for doing so at Portable Apps is incompletely documented, so I thought I'd capture a walk-through here.

Substitute your drive letter for "S:", and your Evernote version for "4.01".

  • One-time stuff.  (Other stuff gets done for each app you make portable.):
    • Install NSISPortable to S:\PortableApps\NSISPortable
    • Install PortableApps.comLauncher to S:\PortableApps\PortableApps.comLauncher
    • Download the PortableApps Application Template, and put it in S:\PortableApps\PortableApps.com_Application_Template_2.0
  • Create the directory structure for your app by copying
    • "S:\PortableApps\PortableApps.com_Application_Template_2.0\AppNamePortable"
    •  to "S:\PortableApps\"
    •  and rename it to EvernotePortable (creating S:\PortableApps\EvernotePortable).
  • Copy the Evernote 4.01 program files and subdirectories
    • from C:\Program Files\Evernote
    • to S:\PortableApps\EvernotePortable\App\Evernote
  • Create S:\PortableApps\EvernotePortable\App\AppInfo\Launcher\EvernotePortable.ini, containing:
    [Launch]
    ProgramExecutable=Evernote\Evernote.exe
    WaitForExe1=EvernoteTray.exe
    
    [Activate]
    Registry=true
    
    [DirectoriesMove]
    -=%LOCALAPPDATA%\Evernote\Evernote\Logs
    
    [DirectoriesCleanupForce]
    1=%LOCALAPPDATA%\Evernote
    
    [RegistryKeys]
    EvernotePortable=HKCU\Software\Evernote
    
    [RegistryValueWrite]
    HKCU\Software\Evernote\Evernote\EvernotePath=REG_SZ:%PAL:DataDir%
        
    [RegistryCleanupForce]
    1=HKCU\Software\Evernote
  • Create S:\PortableApps\EvernotePortable\App\AppInfo\appinfo.ini, containing:
    [Format]
    Type=PortableApps.comFormat
    Version=2.0
    
    [Details]
    Name=Evernote Portable
    AppID=EvernotePortable
    
    [Control]
    Start=EvernotePortable.exe
  • Copy appicon.ico
    • from S:\PortableApps\PortableApps.comLauncher\App\AppInfo
    • to S:\PortableApps\EvernotePortable\App\AppInfo
    • (or even better, use a tool like Icon Studio to extract the Evernote icon from Evernote.exe, and put it into AppInfo\appicon.ico).
  • Run S:\PortableApps\PortableApps.comLauncher\PortableApps.comLauncherGenerator.exe and tell it to use S:\PortableApps\EvernotePortable
    1. Note: Windows got weird on me about running PortableApps apps with multiple periods in the name, and the work-around was to rename the .exe files to have only a single "." in the name.
  • Run S:\PortableApps\EvernotePortable\EvernotePortable.exe.  It should start Evernote. 
    • Note that I do NOT recommend running it via the PortableApps menu at this point; if it runs into an error, running it directly will show an error message; if you run it from the menu, you may not see the message.
    • You are not running portably at this point.  You're running your non-portable Evernote with a launcher.  (Baby steps.)
  • Copy your Evernote data to S:\PortableApps\EvernotePortable\Data.
    • You want to copy the Databases, Dict, and Logs folders from wherever you had them into Data\Databases, Data\Dict, and Data\Logs. 
    • For me, this was to move the contents of S:\Evernote\Evernote-4.01-data to S:\PortableApps\EvernotePortable\Data. 
    • Standard location is C:\Documents and Settings\user-ID\Local Settings\Application Data\Evernote\Evernote
  • Create a prototype Data\settings\EvernotePortable.reg.
    • For many applications, this won't be necessary because you can use RegistryValueWrite in the app's analogue to S:\portableApps\EvernotePortable\App\AppInfo\Launcher\EvernotePortable.ini.  However, I wanted to put a RegistryValueWrite that would set Evernote's data directory, but without additional registry keys present, Evernote set the data directory to its default.
    • Don't forget to end the .reg file with TWO empty lines. (It is a .reg file rule.)
    • Windows Registry Editor Version 5.00
      
      [HKEY_CURRENT_USER\Software\Evernote]
      
      [HKEY_CURRENT_USER\Software\Evernote\Evernote]
      "LastLogin"="kleinfelter"
      "SyncServiceUrl"="www.evernote.com"
      "TrunkUrl"="http://www.evernote.com/about/trunk/?layout=inapp"
      
      [HKEY_CURRENT_USER\Software\Evernote\Evernote\AutoResponse]
      "ConfirmAppExit"=""

      Update: I moved it from S:\PortableApps\EvernotePortable to C:\kevin\EvernotePortable, and it worked without tinkering.

       

      Routing All Traffic Over VPN Using OpenVPN and DD-WRT

      I wanted to set up OpenVPN, to protect myself from Firesheep when web browsing from the local free WiFi.  It is almost easy, but there are a few non-obvious points.  I won't cover setting up the keys and certificates, because that is well documented elsewhere and it works as documented.  This is for DD-WRT v24-sp2 (08/12/10) mega.

      In my case, I have two routers: A wired router connected to the Internet, and a wireless router, which is connected to the wired router via Ethernet.  I'm going to get VPN working on the wireless router, and then I'll turn down the wired router and replace it with the wireless router.  I recommend this route.  You really want to work out your VPN from inside your LAN before you put it outside your LAN.

      • Turn off the firewall on your router. 
        • There's a checkbox on the DD-WRT Security->Firewall screen. 
        • This is to simplify, and allow you to focus strictly on one source of errors at a time.
      • On the DD-WRT Services->VPN screen:
        • Paste the content of your certificate authority certificate (ca.crt) into the "CA Cert" field.
        • Leave Certificate Revoke List empty.
        • Paste the content of your server certificate (server.crt) into the "Public Client Cert" field.
          • This is poorly named.  It should be named "Server Cert."
        • Paste the content of your server key (server.key) into the "Private Client Key" field
          • This is poorly named.  It should be named "Server Key."
        • Paste the content of your "Diffie-Hellman PEM" (dh1024.pem) into the "DH PEM" field.
          • If you care, PEM stands for "Privacy Enhanced Mail" format.
        • Paste the following into the "Open VPN Config" field.
      server 192.168.8.0 255.255.255.0
      dev tun0
      proto udp
      port 1194
      keepalive 15 60
      daemon
      verb 3
      comp-lzo
      client-to-client
      duplicate-cn  
      tls-server
      dh /tmp/openvpn/dh.pem
      ca /tmp/openvpn/ca.crt
      cert /tmp/openvpn/cert.pem
      key /tmp/openvpn/key.pem
      • Note that this will create a VPN where the network addresses are on the 192.168.8.* subnet. You might decide to change this, later. My advice is to use my values exactly, and later come back and tinker with it once you've got it working.

      You can press the "Apply" button once you've filled in all of the fields mentioned above.


      The client config file is below.  Again, just use my values for now.  Come back and tinker later.  The one thing you'll need to change is "192.168.9.1".  Change that to the IP address of your router.  I recommend using the LAN IP address of your router.  Eventually, you'll want to come back and make this work via the WAN IP address, but let's stay inside until we get things working:

      # Be the client, not the server
      client
      
      # Use any TUN (not TAP) device on the client.
      dev tun
      
      # The address of the VPN server.  1194 is the default port for OpenVPN.
      remote 192.168.9.1
      
      # Send ALL traffic via the VPN (except the link-level frames that your VPN tunnels inside)
      redirect-gateway def1
      
      # We don't care what interface or port we use on the client.
      nobind
      
      # These are described as 'Make the link resistant to connection failures, dealing with keeping
      # connection alive through NAT and following the DNS name of the server if its IP address changes.'
      keepalive 10 60
      ping-timer-rem
      persist-key
      persist-tun
      
      # Enable data link compression.
      comp-lzo
      
      # You can set this to a higher level, and you'll get lots of detail information.  It won't help.
      verb 1
      
      # --float tells OpenVPN to accept authenticated packets from any address, not only the address which was specified in the --remote option.
      # Useful if you're using round-robin DNS.  Also useful if your server has a dynamic IP address which the ISP could change.
      # I use float so I can connect from inside AND outside my router.
      float
      
      # Connect only to servers with the right certificate.
      ns-cert-type server
      
      # Certificate Authority certificate file used to "certify" other certificates.  Same CA file must be used on the client and the server.
      ca ca.crt
      
      # The client's certificate file.  Should be different on each client.  Public Client Cert.
      cert client1.crt
      
      # The client's private key.
      key client1.key
      • Copy the Certificate Authority certificate to ca.crt, in your VPN client's config directory
      • Copy the client's certificate and private key to client1.crt and client1.key (respectively), in your VPN client's config directory.

      Next, let's test and confirm that it really works.

      • Tell your client to connect to the server.  It should take about 10-15 seconds.  Different clients tell you about their success in different ways.  If you don't get a connection, look at the following:
        • Make sure you've got your keys and certificates in the right folders.
        • You might need to change "remote 192.168.9.1" or "server 192.168.8.0 255.255.255.0" in my config to match your network.
        • If all else fails, reboot your router and your client, and try again.  (Windows XP appears to need a reboot after installing OpenVPN.)
      • Assuming that you're connected, here are some things to test:
        • ping 192.168.8.1
          • This confirms that you can reach the server's VPN endpoint.  (Substitute your server endpoint, if you didn't use the 192.168.8.* subnet.)
        • ping 192.168.9.1
          • This confirms that you can reach your real, physical router's LAN IP.  (Substitute your router's LAN IP, if it is different.)
        • ping your-upstream-router-IP-here
          • This is the address of the router that is upstream from your router running DD-WRT and the VPN.  On my network, it is the wired-router-to-the-internet.  If your DD-WRT is directly connected to the internet, this is the gateway at your ISP.
          • This confirms that you can send traffic past the VPN's router.
        • ping mindspring.com
          • This confirms that DNS is working.
          • There is nothing magic about mindspring.com.  It is just the first ISP I ever used, so my fingers are "hard-wired" to ping them.  I've been pinging them since the days of Windows 3 and Trumpet Winsock for TCP/IP.
        • tracert your-upstream-router-IP
          • or "traceroute your-upstream-router-IP", depending on your operating system.
          • You're looking to confirm that the first step in the route is via the VPN (e.g. 192.168.8.1).  This shows that all traffic will go via your VPN.
        • Note: For the longest time, I found that using "redirect-gateway def1" made everything stop working. 
          • If I left it out, I could establish the VPN, but traffic didn't default to using the VPN. 
          • If I put it in, ALL traffic failed. 
          • I Googled for hours, and found many people with a similar problem, and lots of people trying to be helpful but not actually helping.
          • Disabling the firewall on my router 'solved' the problem.  This is why I recommend disabling the firewall.  It just makes one less thing to debug.  You WILL want to re-enable it before you connect it to the outside world.


      Some suggested tweaks, once everything above is working:

      • Re-enabling your firewall:
        • Go to DD-WRT Security->Firewall, and re-enable the firewall.
        • Go to DD-WRT Administration->Commands, and paste the following:
      iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
      iptables -I FORWARD 1 --source 192.168.8.0/24 -j ACCEPT
      • If you didn't follow my advice to use my config exactly, you'll have to substitute your VPN's subnet for 192.168.8.0.
      • Press the "Save Firewall" button.
      • Go back to "here are some things to test" above, and connect and confirm that your VPN still works, now that you've enabled the firewall.  (You're still inside your router.  Remember -- deal with one source of trouble at a time.)
      • Now it is time to make this work from outside the router.
        • Edit your VPN client's config file and change "remote 192.168.9.1" to "remote your_external_ip_address 1194"
        • Re-establish your VPN connection.
        • Go back to "here are some things to test" above, and connect and confirm that your VPN still works, now that you're using the external IP.
      • You might want to set up ad-blocking on your router.  I used a simplified (customized) edition of the script from http://hotfortech.wikispaces.com (Basically, I removed the automatic updates of nvram.)
        • scp the modified disable_ads.sh to root@router:/jffs/etc/config/disable_ads.startup
        • scp pixelserv to root@router:/jffs/dns/pixelserv
        • ssh to the router, and run /jffs/etc/config/disable_ads.sh.  You want to ensure that this runs error-free before you reboot your router, or you could end up with a brick.
        • Add these lines to "Additional DNSMasq Options" on DD-WRT Services->Services:
          • conf-file=/jffs/dns/dnsmasq.adblock.conf
          • addn-hosts=/jffs/dns/dlhosts
      • MORE TO FOLLOW
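Once the tunnel works from outside, the two config files above are worth a second pass. The following is an added example, not part of the original write-up: a small lint that reads the server and client configs exactly as given on this page (client comments trimmed) and lists the directives a hardening review would revisit. The function names and the set of checks are this example's own, and it looks only at the pasted text, not at anything DD-WRT may append itself.

```python
# The two configs from this page (client comments trimmed).
SERVER_CONF = """\
server 192.168.8.0 255.255.255.0
dev tun0
proto udp
port 1194
keepalive 15 60
daemon
verb 3
comp-lzo
client-to-client
duplicate-cn
tls-server
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
"""

CLIENT_CONF = """\
# Be the client, not the server
client
dev tun
remote 192.168.9.1
redirect-gateway def1
nobind
keepalive 10 60
ping-timer-rem
persist-key
persist-tun
comp-lzo
verb 1
float
ns-cert-type server
ca ca.crt
cert client1.crt
key client1.key
"""


def parse(conf_text):
    """Return {directive: [args, ...]}; blank and '#'/';' comment lines are skipped."""
    directives = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        words = line.split()
        directives.setdefault(words[0].lstrip("-"), []).append(words[1:])
    return directives


def audit(conf_text):
    """Return [(directive, note)] for one config, in the order the checks run."""
    d = parse(conf_text)
    notes = []
    if any(args != ["no"] for args in d.get("comp-lzo", [])):
        notes.append(("comp-lzo", "compression before encryption can leak "
                      "plaintext through packet sizes (VORACLE)"))
    if "tls-auth" not in d and "tls-crypt" not in d:
        notes.append(("tls-auth", "no tls-auth/tls-crypt key: any host can "
                      "start a TLS handshake with this endpoint"))
    if "server" in d or "tls-server" in d:
        if "duplicate-cn" in d:
            notes.append(("duplicate-cn", "several clients may share one "
                          "certificate, so sessions cannot be tied to a device"))
        if "crl-verify" not in d:
            notes.append(("crl-verify", "no CRL: a lost or stolen client "
                          "certificate stays valid until it expires"))
        if "client-to-client" in d:
            notes.append(("client-to-client", "client-to-client packets are "
                          "relayed inside OpenVPN and skip the FORWARD chain"))
    if "client" in d or "tls-client" in d:
        if "ns-cert-type" in d:
            notes.append(("ns-cert-type", "deprecated check; current OpenVPN "
                          "uses 'remote-cert-tls server'"))
        elif "remote-cert-tls" not in d and "verify-x509-name" not in d:
            notes.append(("remote-cert-tls", "server certificate type is not "
                          "checked: any certificate from this CA is accepted"))
    return notes


if __name__ == "__main__":
    for label, conf in (("server", SERVER_CONF), ("client", CLIENT_CONF)):
        for directive, note in audit(conf):
            print("%-6s %-17s %s" % (label, directive, note))
```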

      What Is A Cult?

      I found these criteria, attributed to James Lifton.

      • Dictating with whom members can communicate.
      • Convincing members they are a chosen people with a higher purpose.
      • Creating an us-versus-them mentality, whereby everything in the group is right and everything outside is wrong.
      • Encouraging members to share their innermost secrets and then purge whatever hinders their merging with the group.
      • Convincing members that their philosophical belief system is "the absolute truth".
      • Creating an "in" language of buzzwords and group speak which becomes a substitute for critical thinking.
      • Reinterpreting human experience and emotion in terms of the group's doctrine.
      • Reinforcing the idea that life within the group is good and worthy, and life outside evil and pointless.

      Looking for Lost Keys

      Late one night, a policeman observed a lone man peering intently at the ground underneath a street lamp in a parking lot. The policeman walks up to the lone man and the following dialog ensues.

      • Policeman: Sir, what are you doing?
      • Lone Man: I'm looking for my car keys.
      • Policeman: Exactly where did you drop them?
      • Lone Man: Over there, by my car.
      • Policeman: Then why are you looking for them here?
      • Lone Man: Because the light is so much better over here!