Mon Jul 13 10:06:17 BST 2015

I was connected to my PC remotely and noticed that I had some time skew (about 8 minutes) so I ran some command that synched my clock to an NTP source and all was good.

Until reboot.

So, a bit of googling later, I ran

# timedatectl set-ntp true
we'll see how that goes, but the wiki seems to indicate that it will.


Posted by root | Permalink

Mon Mar 23 12:38:33 GMT 2015

Upgrade problems Arch Linux (Daniel Wallace is invalid)

I was trying to upgrade my Arch linux system with the normal pacman -Syu command, but I was getting this error:

error: lib32-curl: key "Daniel Wallace " is disabled
:: File /var/cache/pacman/pkg/lib32-curl-7.41.0-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

After a mooch around the Arch forums, I reinstalled the Arch keyring package, removed Daniel Wallace from my keychain manually and several other steps. Apparently all that was required was:

# pacman-key --init
# pacman-key --populate archlinux
(# indicates run from root prompt, or with a preceding sudo)
(final solution found (here)

After that, all works fine and I can upgrade with no problems :)


Posted by root | Permalink

Wed Feb 18 12:53:53 GMT 2015

Further Suresignal Adventures

After all of the setup with the Billion 8800NL I was left thinking I was doing very well and all was good with the world, then I noticed I wasn't getting delivery reports...

I figured it was the firewall on the router, so I enabled port forwarding as per the Vodafone guidelines (link)

Seconds later I heard my partners phone going crazy, all of the texts I had sent over the last 2 days arriving at once!

So, yeah, if you are not receiving calls and you have a SureSignal, try the port forwarding.


Posted by Phill | Permalink

Thu Feb 12 14:40:53 GMT 2015

Fiddling with the ASUS N55U

I have had trouble since moving to fibre (VDSL) with my Vodafone SureSignal.

The SureSignal just refuses to negotiate a connection with the Vodafone servers and Vodafone merely say, sorry since fibre uses PPPoE and we only support PPPoA, there is nothing we can do.

My ISP (Eclipse) who I have held in high regard for quite some time, were unfortunately unhelpful with, well a lot of our customers are quite successfully using a SureSignal on fibre, speak to Vodafone maybe..? [cos yeah, not thought of trying that one -.-].

At this point I think that I should explain the setup of my fibre installation - it will be the same as many others' out there:

The fibre connection is FTTC, so inside my house nothing has really changed, just a new faceplate on my master socket, this using a standard RJ11 connects to a Huawei Echolife DG612 modem (more on that later) which then connects to my own router specifying PPPoE credentails, the rest, again, remains normal...

Now, that Huawei device... it turns out it is actually quite a well specified device, just BT hand them out and lock them down so you can't access them over telnet, ssh, web... etc.

The Hauwei is set as a bridge and has 2 10/100 ports (remember this, there will be questions later!) one of the ports is stickered over with a not in use sticker; so - a little investigation later:

The Huawei can be accessed only from the stickered port by a device running with an IP of 192.168.1.100 AFTER it has been reflashed, search for the firmware from 'asbokid', all it does is put the same settings on and unlock the telnet and web interfaces, so, all well and good, got me onto the interface.

Looking at the web interface you will see 2 virtual interfaces, VLAN 101 and VLAN 301, VLAN 301 has it's own conspiracy theory which makes for some reading if you are interested, since it gets an IP over DHCP that is in a range owned by the American Department of Defence... VLAN 101 however is our bridge.

If you're really keen, you can set the device to route mode and enable DHCP and you can take your own router out of the mix, as long as you don't need wireless at that point...

So what has this to do with my SureSignal I hear you think... well, after setting up all of the useless port forwarding they expect you to do (it's a uPnP device, it can manage these itself) I read that the Vodafone servers allow fragmentation in their packets and because of the 8 byte overhead for PPPoE the initial handshake packets get fragmented, which wouldn't normally be a problem, except the first part apparently goes AWOL and the last 8 bytes arrives at what we can safely assume is a confused and innocent SureSignal...

So now we try to make the tunnel wider, increasing the MTU so that the Vodafone MTU of 1500 and the NAT MTU of 1500 can pass unharmed through the PPPoE tunnel, technically this is naughty, as the PPPoE standard is an MTU of 1492, but since the advent of gigabit networking, 'jumbo' frames are allowed over ethernet and this is PPPo Ethernet isn't it... so into the settings we delve, on the router (an Asus N55u) we hack about with the nvram and set the MTU to 1508 (I will write more on that in my next entry I think...).

This yields an external MTU of... you guessed it - 1492. Remember those 10/100 ports I mentioned earlier? Well, yep, they can take a maximum MTU of 1500... so sent off for a new router (a Billion 8800NL) and we'll see how that goes :)

OK I have time... I'll take you through setting the MTU on the ASUS to high values:

Log on to the web interface, enable telnet access and then go to configuring your connection, assuming you have an internet connection of PPPoE you will have a box for MTU and MRU, set both of these to 1200, save and reboot.

Log into the router:
$ telnet 192.168.1.1 23 [or substitute your router IP, if different, OR router.asus.com will work too, in most cases]
Default username is admin

Default password is admin

You will then be presented with a prompt
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
DSL-N55U login: admin
Password:

ASUSWRT DSL-N55U_3.0.0.4 Mon Jan 12 06:42:28 UTC 2015
admin@DSL-N55U:/tmp/home/root# 
Run
nvram show | grep 1200
This will show your settings affected by your earlier change, something like this:
# nvram show | grep 1200
size: 28885 bytes (3883 left)
wan1_pppoe_mtu=1200
wan1_pppoe_mru=1200
dslx_pppoe_mtu=1200
For each one, we set the values in nvram:
#nvram set wan1_pppoe_mtu=1508
#nvram set wan1_pppoe_mru=1508
#nvram set dslx_pppoe_mtu=1508
Then save and reboot:
#nvram commit
#reboot
Done!

To check your MTU you'll need a host outside of your setup, and - presuming it's Linux - run pathtrace with your IP:
pathtrace 123.1.2.3
This will report your MTU, if it is less than 1492 on PPPoE it's worth checking with your ISP :)

Posted by Phill | Permalink

Tue Aug 13 22:38:20 BST 2013

Buffalo Linkstation Password Woes

Resetting passwords on a Buffalo Linkstation

I was a little surprised to see that my password didn't work to log into my Buffalo LinkStation...

I checked my records and the password should have been what I was trying, however to no avail. So..! To Google!

Basically the storage is partitioned and runs a version of Linux (didn't investigate further than that), so I popped the drive into another machine to access the data within.

My first inclination was to check /etc/passwd, however this was the olden days...

The 'new' way is to update /etc/shadow (backing up first), change the line you want to change (we'll use 'phill')...
phill:<password hash>:12345:0:99999:7;
and change it to:
phill::12345:0:99999:7;
(no hash at all)
Replicate the changes in /etc/shadow- (backing up as you go...)

And you should now be able to log in without a password :) -----

Posted by Phill | Permalink

Tue Dec 25 10:47:15 GMT 2012

Hostname NAT DNS resolution

Well now, I just got a new router (an ASUS N55U if you're interested...) and I was wondering why unlike my old Belkin the router was having trouble getting hostnames from the clients on my network, Windows sadly worked, but then so did Fedora (F17). This meant there was an issue with my Gentoo boxes...
I have Avahi zeroconf networking installed, so I expected all of that sort of stuff to be taken care of; apparently I don't understand what the Ahahid does...
$ emerge -pv avahi

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R    ] net-dns/avahi-0.6.30-r3  USE="autoipd dbus gdbm gtk introspection ipv6 mdnsresponder-compat mono python -bookmarks -doc -gtk3 -howl-compat -qt4 {-test} -utils" 0 kB

Total: 1 package (1 reinstall), Size of downloads: 0 kB
Nothing in there suggests that I'm missing any functionality, so on to further searches...
The computers all get their IP over DHCP from dhcpcd, luckily this problem has been encountered by others and a simple addition of "-h <HOSTNAME>" to the /etc/conf.d/net file in the dhcpcd options will propagate your hostname to the router:
/etc/conf.d/net

dhcpcd_eth0="-h morrigan"
obviously you'll need an entry per network device :) -----

Posted by Phill | Permalink

Sat May 12 14:50:26 BST 2012

Learning under pressure

Thought I should add a bit of the C# and MySQL that I've learnt over the last week, hopefully by next week there'll be some on VB.NET too...

First I'll point out that these examples are all in razor script and used in cshtml files, although they'll be easy enough to adapt to add to ASP or C# anyway.

In no particular order I'll start with one of the things that confused me at first, declaring an array; things have changed since I first learned programming and you declare the type of data in the array as an array, then the name of the array then set the values, like so:

[taken directly from MSDN]

// Declare a single-dimensional array 
int[] array1 = new int[5];

// Declare and set array element values
int[] array2 = new int[] { 1, 3, 5, 7, 9 };

// Alternative syntax
int[] array3 = { 1, 2, 3, 4, 5, 6 };

// Declare a two dimensional array
int[,] multiDimensionalArray1 = new int[2, 3];

// Declare and set array element values
int[,] multiDimensionalArray2 = { { 1, 2, 3 }, { 4, 5, 6 } };

// Declare a jagged array
int[][] jaggedArray = new int[6][];

// Set the values of the first array in the jagged array structure
jaggedArray[0] = new int[4] { 1, 2, 3, 4 };

-----

Posted by Phill | Permalink

Fri May 11 10:27:40 BST 2012

Firefox tabs

I was wondering how many tabs I had open in firefox today (I've just finished a project for a job application) and googled around and found this:
javascript:var w=Components.classes['@mozilla.org/appshell/window-mediator;1'].getService(Components.interfaces.nsIWindowMediator).getEnumerator('navigator:browser'),t=0;while(w.hasMoreElements())t+=w.getNext().document.getElementById("content").mTabs.length;alert("You have "+t+" tabs open");
you pop that into your error console (in firefox 12, Tools > Web Developer > Error Console)

and in case you were wondering... I had 93 tabs open at the time ;)

EDIT: I have since tried this and it no longer works (sad face) and you are warned:
TypeError: Components.classes is undefined
The Components object is deprecated. It will soon be removed.
There are now quite a few add-ins that will tell you though, probably easier, if less geeky...


Posted by Phill | Permalink

Fri May 4 18:41:25 BST 2012

Sharing with Windows

I've been setting up a Windows server (Windows Server 2008) to work in my home domain (as it is now!), the Windows partition and files are in a VM using VMWare, which sadly I may have to purchase licenses for both Windows and VMWare...

I want the Windows server to serve web pages supported with asp.NET and MSSQL whilst being able to edit the files from my Linux laptop.

I installed the IIS web platform, the SQL server and enabled all the appropriate options to be able to serve pages to my NAT network (the firewall stops outsiders). Having done this, to edit the files on my laptop, I enabled CIFS support on my kernel and rebooted, and set the Windows folder to share to everyone. To mount the share:
(substitute C and D with your network information, or the whole IP with the Windows computer designation and the windows_username with your windows username)

mount -t cifs //192.168.C.D/sharename /mnt/windows -o "user=windows_username"

(you'll need to have created a mount point, eg (as root)

# mkdir /mnt/windows
There are a few technical issues which arose from this, the most notable is that the web server on Windows will not access the folders in the share whilst it is mounted, so if you try to go to
http://localhost

or

http://127.0.0.1/
you will be greeted with a timeout and a blank web page. Oddly, from outside on another computer the files seem to serve correctly :confused:

I'll keep investigating, but for now, on to learning asp.NET and interfacing with SQL...

ADDENDUM!

I have been playing with IIS more now, and after the most fruitless search on the M$ support site (every search for "server 2008 <anything>" brought up server 2003 articles...) I found that it is normal for the pages not to serve AND (often) to be replaced with 404 errors, or show just the code - mine did the 404 error...

So, I went into the server manager program and found IIS doesn't turn on ASP (or asp.NET) by default, [have a look on http://learn.iis.net/page.aspx/562/classic-asp-not-installed-by-default-on-iis/ for full details - with pictures!] and you can turn on ASP features there... -----

Posted by Phill | Permalink

Tue Feb 14 10:16:15 GMT 2012

OpenDNS limitation with lookups

I wanted a contact form on my website, using PHP to contact me through the Exim installation on my server.

To complement this, I also wanted the sender's email address to be verified as correct, if not legitimate...

Email addresses are basically:
someone@somewhere.suffix
but 'someone' can be a series of punctuation if the person so desires it, so the verification requires parsing of possible escape codes.

'Somewhere.suffix' should also resolve to somewhere with a mail exchanger server, there begins my problems...

php DNS lookup:

checkdnsrr($domain,"A")
That code looks into /etc/resolv.conf (possibly done at PHP load time, but for simplicity, we'll run with this version...), gets the DNS server address, and asks for the A record of the domain.

However, this is where the problems begin. OpenDNS returns an IP for ANY domain, if the domain doesn't exist you get the IP for 'guide.opendns.com', which for our purposes is definitely not desirable.

The only workaround I have at the moment is using
php DNS MX lookup:

checkdnsrr($domain,"MX")
when I find out how to force PHP to use a custom DNS server, I will write again. (I suspect it will involve either a chroot or 'exec nslookup MY_DNS_SERVER' parsed for a regular expression.

-----

Posted by Phill | Permalink