Subscribe to TXLAB feed TXLAB
Just another hacking blog
Updated: 54 min 33 sec ago

Installing vSphere Replication from Linux CLI

Fri, 06/02/2017 - 18:43

tested with VCSA 6.1 and vSphere replication 6.1.1. OVF Tool 4.2.0 is installed on a Debian Jessy machine.

ovftool --acceptAllEulas -ds=datastore1 \ -n=<VMname> --ipAllocationPolicy=fixedPolicy \ --prop:password='*******' \ --prop:ntpserver=******* \ --vService:installation=com.vmware.vim.vsm:extension_vservice \ vSphere_Replication_OVF10.ovf  vi://vcenter01.domain.com/DC1/host/Cluster1/


Filed under: Networking Tagged: vmware

Acrylic enclosure for FriendlyElec NanoPi NEO2

Fri, 06/02/2017 - 10:38

The NanoPi NEO2 board by FriendlyElec has several options for an enclosure in their webshop. The 3D-printed plastic enclosure is of too poor quality, and it doesn’t fixate the heatsink properly on the CPU.

The acrylic case does not include washers, which makes the whole construct too fragile, as the screws can easily damage the plastic.  Also the M2.5 screws for fixing the heatsink are too short.

So, I added the following components to the design:

  • M3*16mm  screws (4 pieces)
  • M3 washers (24 pieces)

Also the following parts came with the acrylic case:

  • M3*6mm screws (4 pieces)
  • 6.3mm plastic spacers (4 pieces)
  • 25mm female-female M3 spacers (4 pieces)
  • 6mm male-female M3 spacers (4 pieces)

As a result, we get a sturdy case that is able to sustain some rough handling, like carrying it in a toolbox among other hardware.

(scratches on my phone camera made the pictures a bit too soft)

Filed under: Networking Tagged: arm, friendlyelec, linux

Two LTE modems with PC Engines APU3

Sat, 05/20/2017 - 02:21

PC Engines GmbH has recently released a new board, APU3. The difference from APU2 is that two mPCIe slots are suitable for 3G or LTE modems, whereas APU2 had only one such slot. This article explains how to utilize two HUAWEI ME909 LTE modems, and it’s applicable to other modems too.

One of the LTE modems has to occupy the slot which is otherwise usable for mSATA storage. So, the board has to use the SD card for booting, and Voyage Linux is designed for such setup. The scripts in this article are tested against Voyage Linux version: 0.11.0 (Build Date 20170122).

As with APU2, the Linux kernel assigns ttyUSB port numbers randomly, so two ME909 modems produce 10 ttyUSB devices with random numbers which change after a reboot.

The modems have identical serial numbers “0123456789ABCDEF”, and the only thing that allows distinguishing them reliably is the PCI slot number of the corresponding USB controller.

Luckily, APU3 board slots designed for LTE modems, J14 (mSATA/mPCIe 3), and J15 (mPCIE 2), are attached to different USB controllers. The third slot, J16 (mPCIE 1), shares the same USB controller with J15.

USB EHCI Controller at PCI device 00:12.0 is attached to J14, and the controller at 00:13.0 is attached to J15 and J16.

So, the udev rules require a small Shell script that translates DEVPATH variable into the PCI slot and function number, and the resulting string will persistently distinguish the devices attached to USB interfaces in J14 and J15:

cat >/etc/udev/devpath_to_pcislot <<'EOT'    #!/bin/sh echo ${DEVPATH} | sed -r \     -e 's,^\/[^\/]+\/[^\/]+\/[0-9af]{4}:[0-9af]{2}:,,' \     -e 's,\/.+,,' -e 's,\.,,g' EOT cat >/etc/udev/rules.d/99-wwan.rules <<'EOT' SUBSYSTEM=="tty", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="15c1", PROGRAM="/etc/udev/devpath_to_pcislot" SYMLINK+="ttyWWAN%c{1}_%E{ID_USB_INTERFACE_NUM}" SUBSYSTEM=="net", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="15c1", PROGRAM="/etc/udev/devpath_to_pcislot" NAME="lte%c{1}" EOT

After rebooting, you can see “lte120” and “lte130” network interfaces, and devices suitable for configuring modems: “/dev/ttyWWAN120_02” and “/dev/ttyWWAN130_02”. There are few other TTY interfaces for various purposes, as explained in HUAWEI documentation.

Filed under: Networking Tagged: 3G, linux, lte, pcengines

cpio: cap_set_file error when installing httpd RPM inside an LXC container

Thu, 04/27/2017 - 01:04

My physical machine runs Debian Jessie, and it has several LXC containers (mostly Debian and Ubuntu). Now I needed to test some software under CentOS, and I bumped into the following error when installing Apache HTTP server:

Downloading packages: httpd-2.4.6-45.el7.centos.4.x86_64.rpm                                                                        | 2.7 MB  00:00:00      Running transaction check Running transaction test Transaction test succeeded Running transaction   Installing : httpd-2.4.6-45.el7.centos.4.x86_64                                                                                1/1 Error unpacking rpm package httpd-2.4.6-45.el7.centos.4.x86_64 error: unpacking of archive failed on file /usr/sbin/suexec;590112cd: cpio: cap_set_file   Verifying  : httpd-2.4.6-45.el7.centos.4.x86_64                                                                                1/1 Failed:   httpd.x86_64 0:2.4.6-45.el7.centos.4

The thing is, that by default “/usr/share/lxc/config/centos.common.conf” defines the following capability drops:

lxc.cap.drop = mac_admin mac_override setfcap setpcap lxc.cap.drop = sys_module sys_nice sys_pacct lxc.cap.drop = sys_rawio sys_time

So, setfcap capability is required in order to install Apache. Use the following lines in your “/var/lib/lxc/NAME/config” to drop previously defined drops and set up a new list:

# flush all defined drops and define a new list lxc.cap.drop = lxc.cap.drop = mac_admin mac_override setpcap lxc.cap.drop = sys_module sys_nice sys_pacct lxc.cap.drop = sys_rawio sys_time

then restart the container, and “yum install httpd” should run as expected.

Filed under: Networking Tagged: debian, hosting, linux

FriendlyElec NanoPi NEO2, a better sub-$20 Linux computer

Mon, 04/17/2017 - 00:29

NanoPi NEO2 by FriendlyElec is a new sub-$20  Linux microcomputer, built on Allwinner H5 SoC, providing a Gigabit Ethernet and USB 2.0 interface. Also additional interfaces are possible via expansion headers (needs some soldering work). The board is equipped with 512MB DDR3 RAM.

It is highly recommended to buy the heatsink alongside with the board. The CPU is heating up quite significantly, and it needs cooling. With “stress -c 4” CPU load test, “armbianmonitor -m” shows the core temperature rising up to 75C. The board sustains long-term load under such conditions. But with a fan, the core temperature drops below 40C, and the power consumption drops significantly too.

The plastic 3D-printed enclosure is of little use. First, it’s quite easy to break when you insert the board. Also it does not fixate the heatsink properly.

So, I ended up in using the original cardboard packaging as a base for the board, just to avoid extra touching of electronic circuits, and to fixate the USB power cable:

Armbian nightly image booted without problems. Up to now, I noticed the following minor problems with it:

  1. it does not come up after reboot;
  2. “cpufreq-info” complains about unknown driver.

Network traffic tests with tcpkali (debs, deb build scripts) demonstrated that the CPU is able to saturate the Gigabit Ethernet port with TCP traffic, reaching above 900Mbps throughput.

All in all, this board looks much more reliable than Orange Pi Zero: it can work for long hours with an  USB Wifi dongle, whereas OPI0 was hanging up after few minutes of work (using the same USB power cable and power source and the dongle).


Filed under: Networking Tagged: arm, iot, linux, networking

Orange Pi Zero, a sub-$20 Linux computer

Mon, 03/27/2017 - 23:38

Orange Pi Zero with 512MB RAM, expansion board and black case is sold for sub-$20, including postal costs, and it is so far the cheapest Linux device you can buy.

Armbian project provides a dedicated image for this board. The nightly build is quite stable, and there’s also legacy kernel which works well.

The computer is equipped with a 100/10 Ethernet NIC, and the top throughput that I could achieve was about 90Mbps.

The on-board WiFi adapter is of very poor quality: regardless of the antenna attached, it gives about 6Mbps connection speed and excessive packet loss (up to 20% lost pings). It’s useless for any practical application, and it’s easier to disable it completely.

The two USB ports on the expansion board are not enabled by default in the legacy kernel. You need to add the following line to /boot/armbianEnv.txt file, and reboot the box:

overlays=usbhost2 usbhost3

In order to disable the onboard WiFi, comment the top line, and add another line in /etc/modprobe.d/xradio_wlan.conf:

#options xradio_wlan macaddr=DC:44:6D:1F:3C:14 blacklist xradio_wlan

Then, run the following commands to update the kernel boot parameters:

depmod -ae update-initramfs -u

The onboard USB ports are not extremely fast: with an GigE or Wifi USB adapter, the maximum speed that I could achieve was about 40Mbps. But at least you get a stable and reliable connection.

The micro-USB OTG port is used for powering the device, and the board can freeze if the power consumption on USB ports is too big. For example, an external USB drive is very likely to knock the whole thing off.

Network Manager is installed by default by Armbian, and that allows easy plug-and-play WiFi configuration, adding new SSID and passwords from “nmcli” command-line interface.

All in all, it’s still quite a pretty device in a small enclosure. It can be used as a low-cost or throw-away network agent or VPN gateway for remote access. Also it can act as a measurement agent for all kinds of network testing, especially if you need a massive deployment and price difference is important.

Filed under: Networking Tagged: arm, linux, networking, wifi

Building a remote office VPN with FortiGate firewalls

Fri, 03/24/2017 - 04:34

A customer has its own PI range of public IP addresses, and they way to use part of this range in a remote office and place some servers there. The remote office is connected via some third-party ISP. So, the VPN tunnel should route the customer’s addresses and provide full Internet access to the remote office. Both sides should use Fortinet’s FortiGate firewalls.

It is quite natural to use a policy-based VPN for the remote side: the policy would match “all” destination addresses, and send all Internet traffic to the IPSec tunnel. But the central site is a firewall on a stick, so both Internet and IPSec traffic are going through the same wan1 interface.

Professional support at a local Fortinet partner gave an idea that I could not derive from any documentation: policy-based VPN and interface-based VPN can work together within the same IPSec tunnel.

So, the remote site is configured with policy-based VPN. The tunnel’s Phase 2 selector is for both source and destination. The VPN policy matches all traffic from the local LAN addresses to “all”.

The central site is configured as interface-based VPN. The tunnel is pointing to a dynamic DNS endpoint, and the Phase 2 selector is also (as it must match the selector on the other side of the tunnel). Then, it’s accomplished with in- and outbound policies that “ACCEPT” all traffic from and to the remote LAN, and a static route that sends all traffic toward remote LAN through the tunnel.

Filed under: Networking Tagged: ipsec

Running Ubuntu on Chuwi Hi10 Pro tablet

Sat, 03/11/2017 - 02:09

Chuwi Hi10 Protablet is sold for about $200 with an attachable keyboard, which makes it a potential candidate to replace my old Acer Aspire One and run Linux on it. It’s also equipped with a high-quality 10″, 1920×1200 IPS screen.

The tablet is based on Intel Atom x5-Z8350 CPU, which requires a fresh Linux kernel. So I started with pre-release of Lubuntu 17.04 (Zesty Zapus).

So far, out of the box:

  • screen is oriented vertically, which makes it difficult to operate with the keyboard.
  • Touchscreen, sound, Bluetooth, and Wifi are not visible to the kernel.

Solving the screen orientation:

In /etc/default/grub, edit the following setting:


Then, add the following to make lightdm rotate the screen automatically:

cat >/etc/lightdm/chuwi_hi10_screen_orientation.sh <<'EOT' #!/bin/sh xrandr --orientation right EOT cat >/etc/lightdm/lightdm.conf.d/50_chuwi_hi10.conf <<'EOT' [SeatDefaults] display-setup-script=/etc/lightdm/chuwi_hi10_screen_orientation.sh EOT # this will apply the setting immediately: systemctl restart lightd

There is one bug though: for some reason, the display manager still thinks it’s the old resolution, e.g. 1920 on vertical resolution,  so all fonts look much smaller than they are, and window closing buttons are hardly visible. If I start lightdm without my customization and login, and then run “xrandr –orientation right”, all fonts and window controls are of normal size.

Windows recognizes the WiFi hardware as “Realtek RTL8723BS Wireless LAN 802.11n SDIO Network Adapter”, so I need to figure out how to make it work in Linux. This fix does not work with kernel 4.10.0-11 (bug is already filed: https://github.com/hadess/rtl8723bs/issues/119)

Filed under: Networking

Backing up VmWare VM without powering off

Sun, 02/05/2017 - 23:40

Here’s a sequence of commands in an ssh session to an ESXi host that creates a VM backup without interrupting its work. Of course it’s only a snapshot of the disk, so there may be corrupted files as a result. vmkfstools command requires full file path for the source and destination VMDK files.

# This lists all virtual machines and their IDs. # Further in this example, our VM is number 18 vim-cmd vmsvc/getallvms cd /vmfs/volumes/datastore1/VMNAME vim-cmd vmsvc/snapshot.create 18 mybackup mkdir /vmfs/volumes/nas1/backup/VMNAME vmkfstools -i VMNAME.vmdk /vmfs/volumes/nas1/backup/VMNAME/VMNAME.vmdk cp VMNAME.vmx /vmfs/volumes/nas1/backup/VMNAME/ vim-cmd vmsvc/snapshot.removeall 18
Filed under: Networking Tagged: vmware

Summary of WWAN cards configuration

Tue, 08/02/2016 - 00:49

In this github repo, I put together my knowledge about WWAN cards setup, alongside with all initialization scripts.

Filed under: Networking Tagged: 3G, GSM, linux, pcengines, UMTS

Huawei ME909s-120 LTE modem

Fri, 07/01/2016 - 02:47

Huawei ME909s-120 is the newest modem of Huawei LTE/UMTS family, and it is sold for around $70 at TechShip.se and at Aliexpress.

The modem is immediately recognized as CDC Ethernet device in Debian 8 kernel, and is visible as usb0 interface. In the scripts below, the ttyUSBx serial ports are aliased to ttyWWANxx, and usb0 is renamed to lte0, in order to avoid any naming conflicts with other devices, and also to avoid possible name changes  due to a kernel upgrade.

cat >/etc/udev/rules.d/99-huawei-wwan.rules <<'EOT' SUBSYSTEM=="tty", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="15c1", SYMLINK+="ttyWWAN%E{ID_USB_INTERFACE_NUM}" SUBSYSTEM=="net", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="15c1", NAME="lte0" EOT cat >/etc/chatscripts/sunrise.HUAWEI <<'EOT' ABORT BUSY ABORT 'NO CARRIER' ABORT ERROR TIMEOUT 10 '' ATZ OK 'AT+CFUN=1' OK 'AT+CMEE=1' OK 'AT\^NDISDUP=1,1,"internet"' OK EOT cat >/etc/chatscripts/gsm_off.HUAWEI <<'EOT' ABORT ERROR TIMEOUT 5 '' AT+CFUN=0 OK EOT cat >/etc/network/interfaces.d/lte0 <<'EOT' allow-hotplug lte0 iface lte0 inet dhcp     pre-up /usr/sbin/chat -v -f /etc/chatscripts/sunrise.HUAWEI >/dev/ttyWWAN02 </dev/ttyWWAN02     post-down /usr/sbin/chat -v -f /etc/chatscripts/gsm_off.HUAWEI >/dev/ttyWWAN02 </dev/ttyWWAN02 EOT
Filed under: Networking Tagged: 3G, GSM, pcengines

Resetting GSM modules on Yeastar gateways using Ansible

Wed, 06/29/2016 - 13:18

Sometimes there’s a need to reset a GSM module on a Yeastar GSM gateway. For example, SIM cards of one of our providers get into faulty state every few weeks, and only a reset helps.

The GSM module can either be rebooted via Web GUI, or from the Asterisk console. But the Asterisk console can only work on the same host where the asterisk daemon runs, so you need to make an SSH connection into the Yeastar box to do that. Also it’s impossible to save a public SSH key in a Yeastar box, so only password authentication works.

Ansible is a powerful toolset for managing remote hosts, and it appears to be perfectly suitable for managing the GSM gateways.

Ansible 2.x is available for Debian 8 from jessie-backports repository. There are some important differences from version 1.7 that is installed from default repositories, and in particular, ansible_host and ansible_port variables.

After installing Ansible, uncomment host_key_checking = False in /etc/ansible/ansible.cfg , so that the SSH client stops verifying the remote host SSH signatures. Otherwise the host signatures should be listed in your known_hosts file.

The following lines in /etc/ansible/hosts list your GSM gateways:

[yeastar] gsm01 ansible_host= ansible_ssh_pass=kljckhjeswvdfesv gsm02 ansible_host= ansible_ssh_pass=dmnckjfvrever gsm03 ansible_host= ansible_ssh_pass=dcmnkljdfhfe [yeastar:vars] ansible_user=root ansible_port=8022

If you use the same root password on all devices, the password variable can be moved to the group variables.

Ansible uses SFTP for ad-hoc commands, and SFTP is not available on Yestar gateways. But the raw module works just fine, and resetting a GSM module can now be done with a simple command from your management server:

ansible gsm03 -m raw -a '/bin/asterisk -rx "gsm power reset 2"'


Filed under: Networking Tagged: GSM, linux, pbx, sip, voip

Best Android tablet for little children

Fri, 06/17/2016 - 00:17

Our good old Samsung Galaxy Tab 3 7.0 Kids Tablet has finally died after over 3 years of everyday heavy use, so I needed a new solution. So far, here is the best combination that I could find:

This silicon case for Samsung Galaxy TAB A 7″ SM-T280 is a solid and protective piece, and it allows the kids hold the tablet with their little hands without slipping off. It also works as a stand, so it’s very convenient for watching videos.

The Samsung Galaxy Tab A (7″, 8GB, Metallic Black) fits perfectly into the protective case. The tablet is coming with preinstalled “Kids Mode” application, which is pretty neat, but very restrictive: the kid can watch only the videos on SD card that you mark as safe, and YouTube is not available. You can install kid-safe YouTube wrappers from the Play market, but it’s a bit too much hassle to my taste.

So, instead of the Samsung Kids Mode, I installed Kids Place by kiddoware. With a little payment, you get a good child protection mode, and you can enable YouTube directly on the child screen. The payment is also transferable to other devices under your account.

Also, this portable Bluetooth speaker works as a stand for a tablet, and it produces a much better sound than the tablet’s own speaker. Unfortunately the silicon case is too thick for this stand, but it’s a minor issue, and the speaker can easily be placed behind the tablet.


Filed under: Hardware Tagged: kids

udev rules for ttyUSB devices

Tue, 06/14/2016 - 12:41

In my particular case, there are two physical USB devices that are represented as TTY devices in the kernel: a Gobi2000 3G modem, and a 4-port USB-to-serial adapter. The modem is presented by two ttyUSB devices, and the USB-to-serial adapter adds four more. At the machine boot, these devices get assigned random numbers ttyUSB0 to ttyUSB5, and this assignment changes between reboots.

So, this needs udev rules which would assign symlinks to these devices, and the symlinks should remain valid between the reboots.

As there’s only one physical device of each type attached to the host, we can base our udev rules on idVendor and idProduct attributes. If you need to distinguish between multiple physical devices of the same type, you have to match serial numbers in your udev rules.

The next task is to distinguish between virtual TTY devices within the same physical device. The easiest way to perform this is to extract all available attributes for two devices and look at the difference between them:

udevadm info -a -n /dev/ttyUSB4 >x4 udevadm info -a -n /dev/ttyUSB5 >x5 diff -u x4 x5

The challenge with the 3G modem is that the two TTY devices are only differing in bInterfaceNumber attribute:

-    ATTRS{bInterfaceNumber}=="01" +    ATTRS{bInterfaceNumber}=="02"

This attribute is derived during the device initialization and is not available for udev matching rules. Instead, there is environment variable ID_USB_INTERFACE_NUM which represents these values. The following commands help in identifying the needed match. The full device strings are taken from the output of “udevadm info” command:

udevadm test '/devices/pci0000:00/0000:00:13.0/usb3/3-1/3-1.3/3-1.3:1.1/ttyUSB4/tty/ttyUSB4' >z4 udevadm test '/devices/pci0000:00/0000:00:13.0/usb3/3-1/3-1.3/3-1.3:1.2/ttyUSB5/tty/ttyUSB5' >z5 diff -u z4 z

The output identifies clearly that ID_USB_INTERFACE_NUM is the variable that we can rely upon in fixing to a particular port inside the 3G modem.

Analogous comparison for the USB-to-Serial adapter shows that the ports are differing in “devpath” attribute.

So, we add the following udev rules:

cat >/etc/udev/rules.d/99-usb-serial.rules <<'EOT' SUBSYSTEM=="tty", ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="251d", SYMLINK+="ttyGOBI%E{ID_USB_INTERFACE_NUM}" SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", SYMLINK+="ttyFTDI%s{devpath}" EOT

The “udevadm test” commands as specified above help in testing udev rules without the need to reboot the host.

After rebooting, we get the following devices with persistent names:

# ls -al /dev/tty* | grep USB lrwxrwxrwx 1 root root          7 Jun 14 11:22 /dev/ttyFTDI1.1 -> ttyUSB0 lrwxrwxrwx 1 root root          7 Jun 14 11:22 /dev/ttyFTDI1.2 -> ttyUSB1 lrwxrwxrwx 1 root root          7 Jun 14 11:22 /dev/ttyFTDI1.3 -> ttyUSB2 lrwxrwxrwx 1 root root          7 Jun 14 11:22 /dev/ttyFTDI1.4 -> ttyUSB3 lrwxrwxrwx 1 root root          7 Jun 14 11:33 /dev/ttyGOBI01 -> ttyUSB4 lrwxrwxrwx 1 root root          7 Jun 14 11:35 /dev/ttyGOBI02 -> ttyUSB5 crw-rw---- 1 root dialout 188,  0 Jun 14 11:22 /dev/ttyUSB0 crw-rw---- 1 root dialout 188,  1 Jun 14 11:22 /dev/ttyUSB1 crw-rw---- 1 root dialout 188,  2 Jun 14 11:22 /dev/ttyUSB2 crw-rw---- 1 root dialout 188,  3 Jun 14 11:22 /dev/ttyUSB3 crw-rw---- 1 root dialout 188,  4 Jun 14 11:33 /dev/ttyUSB4 crw-rw---- 1 root dialout 188,  5 Jun 14 11:35 /dev/ttyUSB5


Filed under: Networking Tagged: 3G, linux, pcengines

FreeSWITCH startup for FusionPBX

Mon, 05/16/2016 - 04:23

If you install FreeSWITCH 1.6 on Debian 8 from official .deb packages, and then add FusionPBX on top, the server boot sequence needs a modification: now FreeSWITCH configuration depends on the presence of Postgresql server, and it would load an empty configuration if the database service is not available at the moment of start.

This fixup adds a dependency on FreeSWITCH systemd service, so that it launches only after Postgresql has started:

mkdir /etc/systemd/system/freeswitch.service.d/ cat  >/etc/systemd/system/freeswitch.service.d/fusionpbx.conf <<'EOT' [Unit] After=syslog.target network.target local-fs.target postgresql.service EOT
Filed under: Networking Tagged: freeswitch, linux, pbx, voip

tcpkali, TCP load generator

Thu, 05/05/2016 - 23:47

tcpkali is a lightweight and  easy-to-use tool that allows you to generate a traffic load with multiple TCP sessions. You push the load in one or both directions at the same time. Also the tool works easily over a NAT’ed connection. This tool is great if you need to test QoS for VoIP applications.

Here’s an example of a bidirectional load test:

# listening machine: listen on tcp port 8000, send traffic, and use 4 threads. # the program will exit in 1 hour. tcpkali -l 8000  --listen-mode=active -m X -T 1h -w 4 # connecting machine: send traffic using 4 threads and 10 simultaneous sessions # for 1 minute tcpkali -m Y -c 10 -T1m -w 4

The above test between directly connected PC Engines APU2 boards has shown 1Gbps of traffic, and the average CPU load was about 50%.

Filed under: Networking Tagged: linux, networking, pcengines, testing, voip

Novatel E371 WWAN LTE modem for APU

Mon, 04/04/2016 - 01:57

Novatel E371 (also known as Dell DW5804) is sold for less than $30 at Aliexpress, and it’s so far the cheapest 4G/LTE WWAN card suitable for PC-Engines APU.

The initialization is fairly simple, although it was tricky to find the right command (AT$NWQMICONNECT=,,).

cat >/etc/chatscripts/lte_on.E371 <<'EOT' ABORT BUSY ABORT 'NO CARRIER' ABORT ERROR TIMEOUT 10 '' ATZ OK 'AT+CFUN=1' OK 'AT+CMEE=1' OK 'AT\$NWQMICONNECT=,,' OK EOT cat >/etc/chatscripts/lte_off.E371 <<'EOT' ABORT ERROR TIMEOUT 5 '' AT\$NWQMIDISCONNECT OK AT+CFUN=0 OK EOT cat >/etc/network/interfaces.d/wwan0 <<'EOT' allow-hotplug wwan0 iface wwan0 inet dhcp     pre-up /usr/sbin/chat -v -f /etc/chatscripts/lte_on.E371 >/dev/ttyUSB0 </dev/ttyUSB0     post-down /usr/sbin/chat -v -f /etc/chatscripts/lte_off.E371 >/dev/ttyUSB0 </dev/ttyUSB0 EOT
Filed under: Networking Tagged: 3G, lte, pcengines, UMTS

One more 3G modem (Gobi2000) and a watchdog script

Sun, 04/03/2016 - 01:54

Qualcomm Gobi 2000 is quite old (released 2009), but decent 3G modem, able to deliver up to 7Mbps in downstream in PPP mode. These modems in mini-pcie packaging are available at Aliexpress for less than $10, and make up a great option for 3G connectivity for PC Engines APU boards.

The modem needs a binary firmware to be loaded at the start. Numerous sources in Internet describe the ways to retrieve these files. The kernel driver in Debian 8 recognizes the modem as generic Qualcomm one, and sets up a QMI device (wwan0). But this model does not support packet mode, and you need to run PPP over ttyUSB1 device.

apt-get install -y gobi-loader wvdial mkdir /lib/firmware/gobi cd /lib/firmware/gobi wget --no-check-certificate -nd -nc https://www.nerdstube.de/lenovo/treiber/gobi/{amss.mbn,apps.mbn,UQCN.mbn} cat >/etc/wvdial.conf <<'EOT' [Dialer Defaults] Init1 = ATZ Init2 = AT+CGDCONT=1,"IP","internet" Phone = *99# New PPPD = yes Modem = /dev/ttyUSB1 Dial Command = ATDT Baud = 9600 Username = '' Password = '' Ask Password = 0 Stupid Mode = 1 Compuserve = 0 Idle Seconds = 0 ISDN = 0 Auto DNS = 1  EOT cat >/etc/network/interfaces.d/ppp0 <<'EOT' auto ppp0 iface ppp0 inet wvdial EOT

Also this script is useful for 3G connections, because with some providers, the Internet connection gets stalled every few days and needs to be re-connected.

Filed under: Networking Tagged: 3G, GSM, linux, pcengines, UMTS

Quality Assurance for VoIP calls: integration scripts

Tue, 03/08/2016 - 10:36

The scripts for integrating FreeSWITCH with Sevana AQuA software are now available at github: https://github.com/voxserv/fsqa

More details on what they are doing are available in this older post: https://txlab.wordpress.com/2015/06/02/quality-assurance-for-voip-calls-2/

Filed under: Networking Tagged: freeswitch, monitoring, pbx, sip, testing, voip

Quick IP prefix calculation

Mon, 06/08/2015 - 12:24

It’s a quite common task that you need to translate an IP address into a prefix — for example, when creating an IP prefix list from a set of addresses. Here’s a simple Perl script that helps it:

sudo apt-get install libnetaddr-ip-perl cat >getprefix.pl <<'EOT' use strict; use warnings; use NetAddr::IP; if( scalar(@ARGV) == 0 ) {     die("Usage: $0 PREFIX ..."); } foreach my $pref (@ARGV) {     my $ip = NetAddr::IP->new($pref) or         die("Cannot create NetAddr::IP from $pref");     print $ip->network()->cidr(), "\n"; } EOT # testing cat >/tmp/x <<'EOT' EOT cat /tmp/x | xargs perl getprefix.pl | awk '{print "set ", $1}' set set
Filed under: Networking Tagged: network management, networking, perl


Using the greatness of Parallax

Phosfluorescently utilize future-proof scenarios whereas timely leadership skills. Seamlessly administrate maintainable quality vectors whereas proactive mindshare.

Dramatically plagiarize visionary internal or "organic" sources via process-centric. Compellingly exploit worldwide communities for high standards in growth strategies.

Get free trial

Wow, this most certainly is a great a theme.

John Smith
Company name

Startup Growth Lite is a free theme, contributed to the Drupal Community by More than Themes.