tankos code







Remember tankos?



I wrote Tankos in C and I used the ATMEL Studio to put it together,
the code is on github ...





Hardware:
  • one ATmega328 Arduino ( UNO ) board
  • one SR04 ultrasonic range detector
  • tamiya tracks ( got them from a bulldozer toy )
  • one tamiya twin-motor gearbox that I geared to go slow with a lot of torque
  • one small tower pro servo
  • fuses, buttons , switches , breadboard cables , a tiny breadbord, 4 18650s, a twin 18650 case that connects them in series, two single 18650 cases , dc jacks , H bridges , plywood , screws , random pieces of clear plastic, etc




if you want to recreate tankos and you need help in choosing hardware or find your way around the code please contact me .







tankos code



Centos 7 VNC server

Centos 7 VNC server notes

The distro
# cat /etc/issue /etc/redhat-release 
\S
Kernel \r on an \m

CentOS Linux release 7.1.1503 (Core) 



Install tigervnc-server
# yum install tigervnc-server




set the vnc password for the asystemuser user
# su asystemuser
$ vncpasswd


puch the appropriate firewall holes
# firewall-cmd --permanent --zone=public --add-service vnc-server
# firewall-cmd --reload


start VNC server as asystemuser
# su asystemuser
$ vncserver




centos 7 vnc server

notes on moving xen guests to KVM

Set up the KVM guest in the KVM host
virt-install -n xxenguest -r 4096 --vcpus=2 --os-type=linux --disk /home/vm/xxenguest/xxenguest-copy.img --network=bridge:br0 --hvm --vnc --noautoconsole --import








Switch to rtl8139 Ethernet controller module in /etc/modprobe.conf in the KVM guest
# cat /etc/modprobe.conf
#alias scsi_hostadapter ata_piix
alias scsi_hostadapter xen-vbd
alias sym53c8xx off
alias net-pf-10 off
alias ipv6 off
options ipv6 disable=1
alias eth0 8139cp
#alias eth0 xen-vnif







notes on moving xen guests to KVM

upgrade to debian 8

Upgrade wheezy ( debian 7 ) to jessie ( debian 8 )

adjust /etc/apt/sources.list to something like this
deb http://ftp.gr.debian.org/debian/ jessie main non-free contrib
deb-src http://ftp.gr.debian.org/debian/ jessie main non-free contrib

deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free

# jessie-updates, previously known as 'volatile'
deb http://ftp.gr.debian.org/debian/ jessie-updates main contrib non-free
deb-src http://ftp.gr.debian.org/debian/ jessie-updates main contrib non-free

Most likely, NTUA 's debian mirror in athens is not your closest mirror.
You may want to use another debian mirror.

upon adjusting /etc/apt/sources.list update apt index
# apt-get update


and upgrade all the packages and the base system
# apt-get upgrade

or
# apt-get dist-upgrade


You will have to quit a few informative pagers and answer a few questions, but everything works out fine.





upgrade to debian 8



netem notes

tc qdisc netem notes

Usage: ... netem [ limit PACKETS ]
                 [ delay TIME [ JITTER [CORRELATION]]]
                 [ distribution {uniform|normal|pareto|paretonormal} ]
                 [ corrupt PERCENT [CORRELATION]]
                 [ duplicate PERCENT [CORRELATION]]
                 [ loss random PERCENT [CORRELATION]]
                 [ loss state P13 [P31 [P32 [P23 P14]]]
                 [ loss gemodel PERCENT [R [1-H [1-K]]]
                 [ reorder PRECENT [CORRELATION] [ gap DISTANCE ]]
                 [ rate RATE [PACKETOVERHEAD] [CELLSIZE] [CELLOVERHEAD]]



Show default queueing discipline
lithium:~# tc -s qdisc ls dev eth0
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 5029 bytes 21 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0


pfifo_fast
    Standard qdisc for 'Advanced Router' enabled kernels. Consists of a three-band queue which honors Type of  Service  flags,
    as well as the priority that may be assigned to a packet.


Baseline Measurements:

lithium# iperf -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 44196 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   994 MBytes   834 Mbits/sec
lithium# iperf -c 172.31.1.2 -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44198 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 44197 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   570 MBytes   478 Mbits/sec
[  3]  0.0-10.0 sec   548 MBytes   460 Mbits/sec
[SUM]  0.0-10.0 sec  1.09 GBytes   937 Mbits/sec


lithium# iperf -u -c 172.31.1.2 -b 1000M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 36755 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   943 MBytes   791 Mbits/sec
[  4] Sent 672968 datagrams
[  4] Server Report:
[  4]  0.0-10.0 sec   940 MBytes   788 Mbits/sec   0.009 ms 2631/672967 (0.39%)
[  4]  0.0-10.0 sec  1 datagrams received out-of-order
lithium# iperf -u -c 172.31.1.2 -b 1000M -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 46261 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 46175 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  5]  0.0-10.0 sec   570 MBytes   478 Mbits/sec
[  5] Sent 406871 datagrams
[  4]  0.0-10.0 sec   570 MBytes   478 Mbits/sec
[  4] Sent 406570 datagrams
[SUM]  0.0-10.0 sec  1.11 GBytes   957 Mbits/sec
[  5] Server Report:
[  5]  0.0-10.0 sec   570 MBytes   478 Mbits/sec   0.019 ms  111/406870 (0.027%)
[  5]  0.0-10.0 sec  29 datagrams received out-of-order
[  4] Server Report:
[  4]  0.0-10.0 sec   570 MBytes   478 Mbits/sec   0.011 ms  281/406569 (0.069%)
[  4]  0.0-10.0 sec  1 datagrams received out-of-order


lithium# ping 172.31.1.2 -c3
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=0.444 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=0.530 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=0.515 ms

--- 172.31.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.444/0.496/0.530/0.041 ms


Configure netem based (fixed) 50ms delay on egress
lithium# tc qdisc add dev eth0 root netem delay 50ms
Measure
lithium# ping 172.31.1.2 -c3
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=50.6 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=50.7 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=50.7 ms

--- 172.31.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 50.600/50.698/50.772/0.197 ms


lithium# iperf -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44199 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   170 MBytes   142 Mbits/sec
lithium# iperf -c 172.31.1.2 -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 44201 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 44200 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  5]  0.0-10.0 sec   177 MBytes   148 Mbits/sec
[  4]  0.0-10.1 sec  73.4 MBytes  61.2 Mbits/sec
[SUM]  0.0-10.1 sec   250 MBytes   209 Mbits/sec


lithium# iperf -u -c 172.31.1.2 -b 1000M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 42788 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   886 MBytes   743 Mbits/sec
[  4] Sent 631941 datagrams
[  4] Server Report:
[  4]  0.0-10.0 sec   273 MBytes   229 Mbits/sec   0.015 ms 437415/631940 (69%)
[  4]  0.0-10.0 sec  1 datagrams received out-of-order
lithium# iperf -u -c 172.31.1.2 -b 1000M  -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 32920 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 52721 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  5]  0.0-10.0 sec   495 MBytes   415 Mbits/sec
[  5] Sent 353252 datagrams
[  5] Server Report:
[  5]  0.0-10.2 sec   139 MBytes   114 Mbits/sec  15.732 ms 253866/352872 (72%)
[  5]  0.0-10.2 sec  30 datagrams received out-of-order


Change the netem root qdisc to 50ms +- 25ms delay on egress
lithium# tc qdisc change dev eth0 root netem delay 50ms 25ms


Measure

lithium# ping -c6 172.31.1.2
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=46.2 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=62.0 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=74.2 ms
64 bytes from 172.31.1.2: icmp_req=4 ttl=64 time=75.3 ms
64 bytes from 172.31.1.2: icmp_req=5 ttl=64 time=47.5 ms
64 bytes from 172.31.1.2: icmp_req=6 ttl=64 time=57.6 ms

--- 172.31.1.2 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5008ms
rtt min/avg/max/mdev = 46.284/60.522/75.317/11.461 ms


lithium# iperf -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44202 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec  36.4 MBytes  30.5 Mbits/sec
lithium# iperf -c 172.31.1.2 -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44203 connected with 172.31.1.2 port 5001
[  5] local 172.31.1.1 port 44204 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec  36.1 MBytes  30.2 Mbits/sec
[  5]  0.0-10.0 sec  25.2 MBytes  21.1 Mbits/sec
[SUM]  0.0-10.0 sec  61.4 MBytes  51.3 Mbits/sec
lithium# iperf -u -c 172.31.1.2 -b 1000M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 49905 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   943 MBytes   791 Mbits/sec
[  4] Sent 672834 datagrams
[  4] Server Report:
[  4]  0.0-4466.0 sec   280 MBytes   526 Kbits/sec  16.734 ms 472969/672832 (70%)
[  4]  0.0-4466.0 sec  191972 datagrams received out-of-order
lithium# iperf -u -c 172.31.1.2 -b 1000M -P2
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 57588 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 50446 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   484 MBytes   406 Mbits/sec
[  4] Sent 344967 datagrams
[  4] Server Report:
[  4]  0.0-4544.3 sec   141 MBytes   260 Kbits/sec  16.698 ms 244564/344965 (71%)
[  4]  0.0-4544.3 sec  95803 datagrams received out-of-order


Lots of latency and crazy jitter, the network is on crack
lithium# tc qdisc change dev eth0 root netem delay 400ms 300ms
lithium# ping -c20 172.31.1.2
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=224 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=157 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=283 ms
64 bytes from 172.31.1.2: icmp_req=4 ttl=64 time=633 ms
64 bytes from 172.31.1.2: icmp_req=5 ttl=64 time=256 ms
64 bytes from 172.31.1.2: icmp_req=6 ttl=64 time=313 ms
64 bytes from 172.31.1.2: icmp_req=7 ttl=64 time=275 ms
64 bytes from 172.31.1.2: icmp_req=8 ttl=64 time=477 ms
64 bytes from 172.31.1.2: icmp_req=9 ttl=64 time=553 ms
64 bytes from 172.31.1.2: icmp_req=10 ttl=64 time=416 ms
64 bytes from 172.31.1.2: icmp_req=11 ttl=64 time=637 ms
64 bytes from 172.31.1.2: icmp_req=12 ttl=64 time=594 ms
64 bytes from 172.31.1.2: icmp_req=13 ttl=64 time=647 ms
64 bytes from 172.31.1.2: icmp_req=14 ttl=64 time=315 ms
64 bytes from 172.31.1.2: icmp_req=15 ttl=64 time=356 ms
64 bytes from 172.31.1.2: icmp_req=16 ttl=64 time=211 ms
64 bytes from 172.31.1.2: icmp_req=17 ttl=64 time=215 ms
64 bytes from 172.31.1.2: icmp_req=18 ttl=64 time=256 ms
64 bytes from 172.31.1.2: icmp_req=19 ttl=64 time=638 ms
64 bytes from 172.31.1.2: icmp_req=20 ttl=64 time=453 ms

--- 172.31.1.2 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19026ms
rtt min/avg/max/mdev = 157.775/395.904/647.801/165.088 ms


Big latency and big jitter but attempt 90% correlation of each random element with his next random element
lithium# tc qdisc change dev eth0 root netem delay 400ms 300ms 90%
lithium# ping -c20 172.31.1.2
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=398 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=283 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=135 ms
64 bytes from 172.31.1.2: icmp_req=4 ttl=64 time=202 ms
64 bytes from 172.31.1.2: icmp_req=5 ttl=64 time=475 ms
64 bytes from 172.31.1.2: icmp_req=6 ttl=64 time=685 ms
64 bytes from 172.31.1.2: icmp_req=7 ttl=64 time=320 ms
64 bytes from 172.31.1.2: icmp_req=8 ttl=64 time=347 ms
64 bytes from 172.31.1.2: icmp_req=9 ttl=64 time=692 ms
64 bytes from 172.31.1.2: icmp_req=10 ttl=64 time=687 ms
64 bytes from 172.31.1.2: icmp_req=11 ttl=64 time=356 ms
64 bytes from 172.31.1.2: icmp_req=12 ttl=64 time=390 ms
64 bytes from 172.31.1.2: icmp_req=13 ttl=64 time=269 ms
64 bytes from 172.31.1.2: icmp_req=14 ttl=64 time=375 ms
64 bytes from 172.31.1.2: icmp_req=15 ttl=64 time=178 ms
64 bytes from 172.31.1.2: icmp_req=16 ttl=64 time=618 ms
64 bytes from 172.31.1.2: icmp_req=17 ttl=64 time=248 ms
64 bytes from 172.31.1.2: icmp_req=18 ttl=64 time=236 ms
64 bytes from 172.31.1.2: icmp_req=19 ttl=64 time=375 ms
64 bytes from 172.31.1.2: icmp_req=20 ttl=64 time=595 ms

--- 172.31.1.2 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19010ms
rtt min/avg/max/mdev = 135.251/393.653/692.645/171.976 ms


in order to hide his crack-pipe, we may just need reduce the delay variation
lithium# tc qdisc change dev eth0 root netem delay 200ms 20ms 50%
lithium# ping -c20 172.31.1.2
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=206 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=196 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=196 ms
64 bytes from 172.31.1.2: icmp_req=4 ttl=64 time=211 ms
64 bytes from 172.31.1.2: icmp_req=5 ttl=64 time=191 ms
64 bytes from 172.31.1.2: icmp_req=6 ttl=64 time=188 ms
64 bytes from 172.31.1.2: icmp_req=7 ttl=64 time=213 ms
64 bytes from 172.31.1.2: icmp_req=8 ttl=64 time=219 ms
64 bytes from 172.31.1.2: icmp_req=9 ttl=64 time=185 ms
64 bytes from 172.31.1.2: icmp_req=10 ttl=64 time=196 ms
64 bytes from 172.31.1.2: icmp_req=11 ttl=64 time=193 ms
64 bytes from 172.31.1.2: icmp_req=12 ttl=64 time=194 ms
64 bytes from 172.31.1.2: icmp_req=13 ttl=64 time=215 ms
64 bytes from 172.31.1.2: icmp_req=14 ttl=64 time=209 ms
64 bytes from 172.31.1.2: icmp_req=15 ttl=64 time=184 ms
64 bytes from 172.31.1.2: icmp_req=16 ttl=64 time=182 ms
64 bytes from 172.31.1.2: icmp_req=17 ttl=64 time=183 ms
64 bytes from 172.31.1.2: icmp_req=18 ttl=64 time=213 ms
64 bytes from 172.31.1.2: icmp_req=19 ttl=64 time=187 ms
64 bytes from 172.31.1.2: icmp_req=20 ttl=64 time=207 ms

--- 172.31.1.2 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19028ms
rtt min/avg/max/mdev = 182.506/198.908/219.301/11.804 ms


See qdisc statistics
lithium# tc -s qdisc ls dev eth0
qdisc netem 8005: root refcnt 2 limit 1000 delay 200.0ms  20.0ms 50%
 Sent 2367236851 bytes 1567250 pkt (dropped 2837991, overlimits 0 requeues 0)
 backlog 106b 1p requeues 0


Use a normal distribution for the pseudorandom delay variation
lithium# tc qdisc change dev eth0 root netem delay 200ms 20ms distribution normal
lithium# ping -c20 172.31.1.2
PING 172.31.1.2 (172.31.1.2) 56(84) bytes of data.
64 bytes from 172.31.1.2: icmp_req=1 ttl=64 time=195 ms
64 bytes from 172.31.1.2: icmp_req=2 ttl=64 time=196 ms
64 bytes from 172.31.1.2: icmp_req=3 ttl=64 time=183 ms
64 bytes from 172.31.1.2: icmp_req=4 ttl=64 time=183 ms
64 bytes from 172.31.1.2: icmp_req=5 ttl=64 time=166 ms
64 bytes from 172.31.1.2: icmp_req=6 ttl=64 time=208 ms
64 bytes from 172.31.1.2: icmp_req=7 ttl=64 time=224 ms
64 bytes from 172.31.1.2: icmp_req=8 ttl=64 time=216 ms
64 bytes from 172.31.1.2: icmp_req=9 ttl=64 time=211 ms
64 bytes from 172.31.1.2: icmp_req=10 ttl=64 time=221 ms
64 bytes from 172.31.1.2: icmp_req=11 ttl=64 time=206 ms
64 bytes from 172.31.1.2: icmp_req=12 ttl=64 time=219 ms
64 bytes from 172.31.1.2: icmp_req=13 ttl=64 time=214 ms
64 bytes from 172.31.1.2: icmp_req=14 ttl=64 time=197 ms
64 bytes from 172.31.1.2: icmp_req=15 ttl=64 time=216 ms
64 bytes from 172.31.1.2: icmp_req=16 ttl=64 time=182 ms
64 bytes from 172.31.1.2: icmp_req=17 ttl=64 time=179 ms
64 bytes from 172.31.1.2: icmp_req=18 ttl=64 time=223 ms
64 bytes from 172.31.1.2: icmp_req=19 ttl=64 time=209 ms
64 bytes from 172.31.1.2: icmp_req=20 ttl=64 time=220 ms

--- 172.31.1.2 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19030ms
rtt min/avg/max/mdev = 166.480/203.929/224.446/16.774 ms


... pinging lithium from another host we should observe a similar behavior but now his ECHO_REPLYs are slowed down
beryllium# ping -A -c20 172.31.1.1
PING 172.31.1.1 (172.31.1.1) 56(84) bytes of data.
64 bytes from 172.31.1.1: icmp_req=1 ttl=64 time=203 ms
64 bytes from 172.31.1.1: icmp_req=2 ttl=64 time=204 ms
64 bytes from 172.31.1.1: icmp_req=3 ttl=64 time=207 ms
64 bytes from 172.31.1.1: icmp_req=4 ttl=64 time=221 ms
64 bytes from 172.31.1.1: icmp_req=5 ttl=64 time=185 ms
64 bytes from 172.31.1.1: icmp_req=6 ttl=64 time=224 ms
64 bytes from 172.31.1.1: icmp_req=7 ttl=64 time=182 ms
64 bytes from 172.31.1.1: icmp_req=8 ttl=64 time=178 ms
64 bytes from 172.31.1.1: icmp_req=9 ttl=64 time=220 ms
64 bytes from 172.31.1.1: icmp_req=10 ttl=64 time=236 ms
64 bytes from 172.31.1.1: icmp_req=11 ttl=64 time=180 ms
64 bytes from 172.31.1.1: icmp_req=12 ttl=64 time=184 ms
64 bytes from 172.31.1.1: icmp_req=13 ttl=64 time=205 ms
64 bytes from 172.31.1.1: icmp_req=14 ttl=64 time=197 ms
64 bytes from 172.31.1.1: icmp_req=15 ttl=64 time=227 ms
64 bytes from 172.31.1.1: icmp_req=16 ttl=64 time=173 ms
64 bytes from 172.31.1.1: icmp_req=17 ttl=64 time=180 ms
64 bytes from 172.31.1.1: icmp_req=18 ttl=64 time=199 ms
64 bytes from 172.31.1.1: icmp_req=19 ttl=64 time=192 ms
64 bytes from 172.31.1.1: icmp_req=20 ttl=64 time=204 ms

--- 172.31.1.1 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 3842ms
rtt min/avg/max/mdev = 173.172/200.557/236.417/17.955 ms, pipe 2, ipg/ewma 202.210/198.474 ms


Availabe probability distributions
lithium# ls -1 /usr/lib/tc/*dist
/usr/lib/tc/experimental.dist
/usr/lib/tc/normal.dist
/usr/lib/tc/pareto.dist
/usr/lib/tc/paretonormal.dist


Drop random 0.5% of packets ( tc, not layer3, packets )
lithium# tc qdisc change dev eth0 root netem loss 0.5%
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 9948 received, 0% packet loss, time 3538ms
rtt min/avg/max/mdev = 0.065/0.159/3.710/0.094 ms, ipg/ewma 0.353/0.145 ms


beryllium# ping -A -c10000 -q lithium
PING lithium (172.31.1.1) 56(84) bytes of data.

--- lithium ping statistics ---
10000 packets transmitted, 9949 received, 0% packet loss, time 3470ms
rtt min/avg/max/mdev = 0.069/0.166/3.337/0.088 ms, ipg/ewma 0.347/0.156 ms


Show qdisc statistics
lithium# tc -s qdisc ls dev eth0
qdisc netem 8007: root refcnt 2 limit 1000 loss 0.5%
 Sent 1962385 bytes 20015 pkt (dropped 103, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0


Remove our netem queing discipline
lithium# tc qdisc del dev eth0 root


Baseline measurements
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 10000 received, 0% packet loss, time 2730ms
rtt min/avg/max/mdev = 0.062/0.146/0.602/0.079 ms, ipg/ewma 0.273/0.117 ms


beryllium# ping -A -c10000 -q lithium
PING lithium (172.31.1.1) 56(84) bytes of data.

--- lithium ping statistics ---
10000 packets transmitted, 10000 received, 0% packet loss, time 2868ms
rtt min/avg/max/mdev = 0.066/0.163/3.487/0.091 ms, ipg/ewma 0.286/0.220 ms


1% (random) drop with probality(n) = 0.8 * propablity(n-1) + 0.2 * Random
lithium# tc qdisc add dev eth0 root netem loss 1% 80%


skipping the measurements --they are inconclusive
... hmm , maybe I need to put sodium --one more host-- in the game

~3% of duplicates
lithium# tc qdisc change dev eth0 root netem duplicate 3%
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 10000 received, +317 duplicates, 0% packet loss, time 2844ms
rtt min/avg/max/mdev = 0.066/0.149/3.409/0.075 ms, pipe 2, ipg/ewma 0.284/0.131 ms


~1% of single bit errors in the packets ( frames? )
lithium# tc qdisc change dev eth0 root netem corrupt 1%
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 9909 received, 0% packet loss, time 3874ms
rtt min/avg/max/mdev = 0.064/0.156/0.648/0.078 ms, ipg/ewma 0.387/0.165 ms


force out of order with gap
gap uses a fixed sequence and reorders every Nth packet
eg the following should cause ~20% of every 3rd packet to be sent immediately while the ~previous two packets are delayed for 10ms
lithium# tc qdisc change dev eth0 root netem reorder 20% gap 3 delay 10ms
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 9895 received, 1% packet loss, time 102198ms
rtt min/avg/max/mdev = 0.142/9.139/13.900/3.517 ms, pipe 2, ipg/ewma 10.220/8.481 ms
lithium# tc -s qdisc ls dev eth0
qdisc netem 8008: root refcnt 2 limit 1000 delay 10.0ms reorder 20% corrupt 1% gap 3
 Sent 2009781566 bytes 1745324 pkt (dropped 10, overlimits 0 requeues 2653)
 backlog 0b 0p requeues 2653


Force out of order
25% of packets (with a correlation of 50%) will get sent immediately, (all) others will be delayed by 10ms
lithium# tc qdisc change dev eth0 root netem delay 10ms reorder 25% 50%
lithium# ping -A -c10000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
10000 packets transmitted, 9899 received, 1% packet loss, time 104680ms
rtt min/avg/max/mdev = 0.109/9.829/13.955/2.632 ms, pipe 2, ipg/ewma 10.469/7.666 ms
lithium# ping -A -c10 beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.
64 bytes from beryllium (172.31.1.2): icmp_req=1 ttl=64 time=10.6 ms
64 bytes from beryllium (172.31.1.2): icmp_req=2 ttl=64 time=10.5 ms
64 bytes from beryllium (172.31.1.2): icmp_req=3 ttl=64 time=10.5 ms
64 bytes from beryllium (172.31.1.2): icmp_req=4 ttl=64 time=10.4 ms
64 bytes from beryllium (172.31.1.2): icmp_req=5 ttl=64 time=10.4 ms
64 bytes from beryllium (172.31.1.2): icmp_req=6 ttl=64 time=10.6 ms
64 bytes from beryllium (172.31.1.2): icmp_req=7 ttl=64 time=10.5 ms
64 bytes from beryllium (172.31.1.2): icmp_req=8 ttl=64 time=10.6 ms
64 bytes from beryllium (172.31.1.2): icmp_req=9 ttl=64 time=10.8 ms
64 bytes from beryllium (172.31.1.2): icmp_req=10 ttl=64 time=10.5 ms

--- beryllium ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 100ms
rtt min/avg/max/mdev = 10.486/10.582/10.813/0.150 ms, ipg/ewma 11.116/10.600 ms


Reorder with delay eg delay each packet 100ms +-rand(75)ms Jitter
lithium# tc qdisc change dev eth0 root netem delay 100ms 75ms
lithium# ping -A -c10 beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.
64 bytes from beryllium (172.31.1.2): icmp_req=1 ttl=64 time=152 ms
64 bytes from beryllium (172.31.1.2): icmp_req=2 ttl=64 time=168 ms
64 bytes from beryllium (172.31.1.2): icmp_req=3 ttl=64 time=88.1 ms
64 bytes from beryllium (172.31.1.2): icmp_req=4 ttl=64 time=137 ms
64 bytes from beryllium (172.31.1.2): icmp_req=5 ttl=64 time=145 ms
64 bytes from beryllium (172.31.1.2): icmp_req=6 ttl=64 time=105 ms
64 bytes from beryllium (172.31.1.2): icmp_req=7 ttl=64 time=138 ms
64 bytes from beryllium (172.31.1.2): icmp_req=8 ttl=64 time=164 ms
64 bytes from beryllium (172.31.1.2): icmp_req=9 ttl=64 time=174 ms
64 bytes from beryllium (172.31.1.2): icmp_req=10 ttl=64 time=123 ms

--- beryllium ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 1307ms
rtt min/avg/max/mdev = 88.111/139.794/174.547/26.414 ms, pipe 2, ipg/ewma 145.244/143.915 ms
lithium# ping -A -c1000 -q beryllium
PING beryllium (172.31.1.2) 56(84) bytes of data.

--- beryllium ping statistics ---
1000 packets transmitted, 991 received, 0% packet loss, time 102193ms
rtt min/avg/max/mdev = 26.115/102.891/175.749/43.053 ms, pipe 3, ipg/ewma 102.295/92.228 ms






netem







alog netem

cpan : Terminal does not support AddHistory. on debian

# cpan
Terminal does not support AddHistory.


Term::ReadLine::Perl is missing

Term::ReadLine::Perl is debian-packaged as libterm-readline-perl-perl

# apt-get install libterm-readline-perl-perl
# cpan

cpan shell -- CPAN exploration and modules installation (v2.05)
Enter 'h' for help.

cpan[1]>         




Debian cpan Terminal does not support AddHistory



install gnome on jessie

Install gnome on Debian Jessie

The system
# cat /etc/issue /etc/debian_version 
Debian GNU/Linux 8 \n \l

8.2



Install gnome
# tasksel install gnome-desktop --new-install


which is (tasksel test)
# tasksel -t install gnome-desktop
debconf-apt-progress -- apt-get -q -y -o APT::Install-Recommends=true -o APT::Get::AutomaticRemove=true -o APT::Acquire::Retries=3 install task-gnome-desktop









install gnome on jessie

django notes

Notes on setting up a basic django app on a debian system using MySQL and Apache2 ...

Install the apache2 HTTP daemon
# apt-get install apache2


Install the WSGI apache2 module ( Python Web Server Gateway Interface )
# apt-get install libapache2-mod-wsgi


Install MySQL, the MySQL database development files, and the Python interface to MySQL
# apt-get install mysql-server libmysqlclient-dev python-mysqldb


Install gcc, build-essential and python headers
# apt-get install gcc build-essential python-dev


Install Python Virtual Environment Creator to avoid system Python
# apt-get install python-virtualenv


Create a virtual python environment
$ virtualenv django


Create or copy a file listing the python requirements.
e.g.
# cat requirements.txt 
Django==1.8.4                                                                                            
Markdown==2.6.2
MySQL-python==1.2.5
argparse==1.2.1
django-filter==0.11.0
djangorestframework==3.2.3
mysql==0.0.1
mysqlclient==1.3.6
wsgiref==0.1.2


And install them into the django virtual python environment
# source django/bin/activate
(django):~# pip install -r ./django/requirements.txt 


Check python modules installed into the django python virtual environment
(django):~# pip freeze
Django==1.8.4
Markdown==2.6.2
MySQL-python==1.2.5
argparse==1.2.1
django-filter==0.11.0
djangorestframework==3.2.3
mysql==0.0.1
mysqlclient==1.3.6
wsgiref==0.1.2


Create a django_project and configure the Apache HTTP daemon
(django):~# cd /var/www/sites/myproject
(django):~# django-admin startproject myproject .
(django):~# deactivate
#


Create a virtual host, eg.
# cat /etc/apache2/sites-available/000-myproject.conf 
<VirtualHost *:80>

  ServerAdmin g0@spam.bot.ipduh.com
  DocumentRoot /var/www/sites/myproject/www


 WSGIDaemonProcess wids python-path=/var/www/sites/myproject:/home/myproject/django/lib/python2.7/site-packages
 WSGIProcessGroup  myproject
 WSGIScriptAlias / /var/www/sites/myproject/myproject/wsgi.py

 Alias /static/  /var/www/sites/myproject/www/static/

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

# vim: syntax=apache ts=2 sw=2 sts=2 sr noet



Enable the new virtual apache host and restart apache
# a2ensite 000-myproject.conf
# /etc/init.d/apache2 restart


use your browser to see the django welcome page,
you should see: It worked! Congratulations ...

Configure django to use MySQL, it uses SQLite by default.

add a mysql user and a mysql database
# mysql -u root -p
mysql>create database myproject;
mysql> grant all on myproject.* to myproject_user;
mysql> set password for myproject_user=password('somepasswd');
mysql>flush privileges;
mysql> exit
Bye
#


Configure the django project to use MySQL, edit settings.py
DATABASES = {
    'default': {
  'ENGINE': 'django.db.backends.mysql',
#   'ENGINE': 'mysql.connector.django',
        'NAME': 'myproject',
        'USER': 'myproject_user',
        'PASSWORD': 'somepasswd',
        'HOST': 'localhost',
        'PORT': '3306',
    }
}



Create the MySQL schema
(django):# python manage.py migrate


Copy the django-admin-app static files directory to /var/www/sites/myproject/www/static/
The directory that contains the admin static files for admin should be in django/lib/python2.7/site-packages/django/contrib/admin/static

Create a django super user
(django):# python manage.py createsuperuser




django - MySQL - apache2 on debian notes



Just the Privacy and Security part

from ipduh privacy and the https search fix

Many computer users think that by installing and using some browser plugin they will magically protect their privacy --which is false.

Every time you install a browser-plugin you run yet more brilliant xor stupid and good xor evil code that expands the attack surface on your system and your privacy and adds features or bugs or backdoors.

Actually, privacy-wise disabling javascript is OK, installing random plugins that run tones of "obfuscated" javascript or compiled closed code that you have no clue of what it really does in your browser is usually not. Plugins like flash, java, quicktime, itunes, silverlight, adobe reader, windows media player may be more dangerous for your privacy or your security than javascript plugins.

In addition, every time that you do not look like an average human using an average system you stick out and many of your plugins are visible if you are running javascript.

In most modern web browsers you do not need special browser plugins in order to disable cookies or javascript. Try it out. You will soon realize that most of the web is broken without javascript even though ipduh is not very broken.

When it comes to modern web browsers I consider Chrome and Mozilla based browsers put together by companies or groups I "trust" (Google, Mozilla, Debian) more secure than Microsoft Internet Explorer and Opera and IE and Opera more secure than the rest ...
don't ask me for a formal proof ... it is an opinion ...

However, Chromium and Mozilla based browsers ( Chrome , Firefox , Seamonkey , Iceweasel etc ) , Safari , Internet Explorer , Opera and the rest of the modern web browsers are ridiculously complex pieces of software used by millions if not billions of humans. There you have both opportunity and motivation for profit, control and power. Hence, all modern browsers are insecure. Put together or read thoroughly the source of a basic text HTTP(s) client if you are really paranoid.

Certain three letter agencies may have exploits or backdoors that compromise your browser and your privacy ( accessing your system ,even gaining administrator privileges, and certainly seeing 'your' first public IP address ) even if you do not run javascript or plugins. And they may be able to do that without even having you visiting a website they (p)own. Connecting to the Internet and firing up your web browser may be enough.

Up untill recently I had a little 'java applet' that would reveal your private and your first public IP address in the anonymity checker. If an one man weekend software shop can do this, imagine what larger software shops, the software shops that put together your web browser or government agencies can do.

Unfortunately many incompetent or devious folks are in the business of talking privacy or selling privacy. If you are concerned about your privacy you should take the matter in your hands and not leave it to me or anyone else. Use a common up-to-date browser put together by someone you 'trust' that does not stick out and use a combination of privacy tools like Tor or some sort of VPN which is used by many users and not just you.

A VPN, a proxy or an intermediate 'dark net' like Tor or I2P may harm your system or compromise even more your privacy if it is misused by you or purposely configured by its operators to do so.

Combine and alternate privacy tools and test settings and tools in many ways. An easy privacy test is the ipduh anonymity checker.























Just the Privacy and Security part



















added the MAC address to vendor tool to apropos



A while ago I put together a little tool
that maps EUI-48 and EUI-64 Media Access Control ( MAC ) addresses to Vendors
eg 00:00:0C:DE:FE:DC



I just added it to apropos
and it works with : and - delimiters
eg 00:00:08:02:11:B0 or 00:00:08:02:11:a0



MAC to Vendor from apropos

ipduh privacy and the https search fix





If apropos gets a query not related to inter-networking technology stuff like ip , dns , etc
sends it to a custom google

The ipduh custom google search is using google APIs and javascript pulled from google.
By mistake the google javascript URI was using always HTTP even when someone was using ipduh over HTTPS --my bad. I am sorry.

Due to my mistake, javascript run by your browser and some ipduh queries were traveling the internets in plaintext even when you were visiting ipduh over HTTPS. My mistake is fixed now and the google javascript is being always downloaded from a TLS encrypted URL.

If you are concerned about your privacy you should at least visit ipduh over HTTPS.
It is safe to trust and install the ipduh Certificate Authority if you trust me. I am certainly less evil and more skilled than many managers of CAs installed in your browser or your OS by default.

However,there is not an established trust path to ipduh and someone in between you and an ipduh server may serve you another ipduh server cerificate or CA certificate the very first time.

If you want to be sure that you installed the original ipduh CA certificate verify the certificate's fingerprint at https://github.com/ipduh/ipduhca.
My github CA repository provides only a way to verify the certificate fingerprint through an established trust path and has nothing to do with my TLS.

Provided that you trust me and that you installed the original ipduh server certificate or CA certificate in your browser, the authentication of ipduh and the encryption between ipduh and you is the same with the authentication and encryption provided by keys signed by Certificate Authorities like Comodo, Thawte etc.
Authenticating the ipduh servers is just a little tougher the very first time.

Many computer users think that by installing and using this or the other browser plugin they will protect their privacy --which is false.
Every time you install a browser-plugin you run yet more brilliant xor stupid and good xor evil code that expands the attack surface on your system and your privacy and adds features or bugs or backdoors.
Actually, privacy-wise disabling javascript is OK, installing random plugins that run tones of "obfuscated" javascript or compiled closed code that you have no clue of what it really does in your browser is usually not.
Also, every time that you do not look like an average human using an average system you stick out and many of your plugins are visible if you are running javascript.

You may disable cookies and even javascript for ipduh. This way you will evade some of the ipduh analytics and the google ads and still get a somewhat usable site. ( ipduh analytics have absolutely nothing to do with google analytics )
I do my best to provide a service that does not depend on javascript and I tried from the beginning to accommodate scripts and automated tools provided they do not abuse my service.

At least in Mozilla based browsers you do not need special browser plugins in order to disable cookies or javascript. Try it out. You will soon realize that most of the web is broken.

Plugins like flash, java, quicktime, itunes, silverlight, adobe reader, windows media player may be more dangerous than javascript plugins.

When it comes to modern web browsers I consider Chrome and Mozilla based browsers put together by companies or groups I "trust" (Google,Mozilla,Debian) much more secure than Opera, Microsoft Internet Explorer and the rest. However, Chrome and Mozilla based browsers ( Firefox , Seamonkey , Iceweasel etc ) are ridiculously complex pieces of software used by millions if not billions of humans. There you have both opportunity and motivation for profit, control, power. Hence, all modern browsers are insecure. Put together a basic text HTTP(s) client if you are really paranoid.

Certain three letter agencies may have exploits or backdoors that compromise your browser and your privacy ( accessing your system ,even gaining administrator privileges, and certainly seeing 'your' first public IP address ) even if you do not run javascript or plugins.

Back to logging at ipduh.
Most ipduh usage analytics are based on connection logs from layer 3 up to HTTP(S). I am not using google analytics or any other third party web analytics service.
( I am using google analytics at alog though :) )
At ipduh I am the only one who looks at logs and only when something bad happens.

Many incompetent or devious folks are in the business of talking privacy or selling privacy. If you are concerned about your privacy you should take the matter in your hands and not leave to me or anyone else. Use a common up-to-date browser put together by someone you 'trust' that does not stick out and use a combination of privacy tools like Tor or some sort of VPN which is used by many users and not just you.

A VPN, a proxy or an intermediate 'dark net' like Tor or I2P may harm your system or compromise even more your privacy if it is misused by you or purposely configured by its operators to do so.

Combine and alternate privacy tools and test settings and tools in many ways. An easy privacy test is the ipduh anonymity checker.







ipduh https search fix and privacy stuff ...







debian jessie mikrotik winbox

use mikrotik winbox on debian jessie

# su
# dpkg --add-architecture i386
# apt-get update
# apt-get install wine:i386
# exit
$ wine ~/Downloads/winbox.exe


debian jessie mikrotik winbox

Greek ISPs Caching DNS









A list with DNS servers provided by the Greek Internet Service Providers.

sl.ipduh.com/gr-isp-dns

gr-isp-dns (the actual ipduh-list URI)



Most caching name servers operated by Greek ISPs answer only to DNS queries coming from their own networks. You will need to use Public DNS Caches or your own recursive-resolver if you need caching DNS that works everywhere.











Nameservers-DNS for Greek ISPs

windows 10 enable Administrator account

Notes on enabling the Administrator account on Windows10

Run powershell or cmd as Administrator

List users
net user


Enable hidden administrator account
net user administrator /active:yes


Put a password to the adminstrator account
net user administrator *




enable administrator account on windows 10

samba ... mount windows shares from windows

mount windows shares on windows
net use \\192.168.1.2\share password /USER:sambauser







lm-sensors debian

lm-sensors on debian
Monitor-Read Hardware Sensors; temperature, voltage, fan speed

# apt-get install lm-sensors
# sensors-detect
# sensors


example output of sensors
# sensors
k10temp-pci-00c3
Adapter: PCI adapter
temp1:        +57.4°C  (high = +70.0°C)
                       (crit = +105.0°C, hyst = +104.0°C)






lm-sensors debian



iw voyage linux

Messing with iw the nl80211 based CLI configuration utility on Voyage Linux

# iw --version
iw version 3.4


Show wifi interface(s) capabilities
# iw list
or
# iw phy


Disable a wifi interface
# ip link set wlan0 down


Bring up a wifi interface
# ip a |grep wlan
5: wlan0:  mtu 1500 qdisc mq state DOWN qlen 1000
# ip link set wlan0 up
# ip a |grep wlan
5: wlan0:  mtu 1500 qdisc mq state DOWN qlen 1000


Scan for cells-WLANs in range
# iwlist wlan0 scan


Create the mon0 monitor interface
# iw phy phy0 interface add mon0 type monitor


Bring up the mon0 monitior interface
# ip link set mon0 up


Delete the mon0 monitor interface
# iw dev mon0 del


List network interfaces, map them to the wireless hardware
# iw dev
phy#0
    Interface wlan0
        ifindex 5
        type managed


# iw phy phy0 interface add mon0 type monitor
# iw dev
phy#0
    Interface mon0
        ifindex 7
        type monitor
    Interface wlan0
        ifindex 5
        type managed


Put a wifi interface in managed mode
# iwconfig |grep wlan
wlan0     IEEE 802.11abgn  Mode:Master  Tx-Power=30 dBm
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:off
# iw dev wlan0 del
# iw phy phy0 interface add wlan0 type managed
# iw dev
phy#0
    Interface wlan0
        ifindex 7
        type managed


Use wpa_supplicant
# apt-get install wpasupplicant


# wpa_supplicant -i wlan0 -c <(wpa_passphrase somessid passwd)
or put in background
# wpa_supplicant -B -i wlan0 -c <(wpa_passphrase somessid passwd)
in case there is a DHCP server in the WLAN
# dhclient wlan0


use wpa_supplicant to connect to a specific bssid
# cat /etc/wpa_supplicant/wpa_supplicant-scripts/test.conf
#test.conf
#connect to chosen bssid and broadcasted ssid
ap_scan=1
network={
    bssid=6c:99:ed:40:43:e8
    ssid="somessid"
    #psk="somepasswd"
    psk=c715c20684b1a80454f7b67acd8613b865b8870493be1a4b104539ec90fbc02f
}
# wpa_supplicant -i wlan0 -B -c /etc/wpa_supplicant/wpa_supplicant-scripts/test.conf


See the set regulatory domain
# iw reg get
country GR:
    (2402 - 2482 @ 40), (N/A, 20)
    (5170 - 5250 @ 80), (N/A, 20)
    (5250 - 5330 @ 80), (N/A, 20), DFS
    (5490 - 5710 @ 80), (N/A, 27), DFS
    (57240 - 65880 @ 2160), (N/A, 40), NO-OUTDOOR


Set regulatory domain
# iw reg set US
# iw reg get
country 98:
    (2402 - 2472 @ 40), (N/A, 20)
    (5170 - 5250 @ 80), (N/A, 17)
    (5250 - 5330 @ 80), (N/A, 20), DFS
    (57240 - 63720 @ 2160), (N/A, 40), NO-OUTDOOR

if you see country 98, your regulatory domain is the intersection of the regulatory domain in EEPROM and the one set in user_space

Listen to events, eg see a managed interface while assosiating with an AP with wpa_supplicant
# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant-scripts/test.conf


# iw event
wlan0 (phy #0): scan started
wlan0 (phy #0): scan finished: 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 5180 5200 5220 5240 5260 5280 5300 5320, ""
wlan0: new station 6c:99:ed:41:43:e8
wlan0 (phy #0): auth 6c:99:ed:40:43:e8 -> 05:f0:21:1e:5b:08 status: 0: Successful
wlan0 (phy #0): assoc 6c:98:eb:40:43:e8 -> 05:f0:21:1e:5b:08 status: 0: Successful
wlan0 (phy #0): connected to 6c:99:ed:40:43:e8
phy #0: regulatory domain change: set to GR by a country IE request on phy0
wlan0: del station 6c:99:ed:40:43:e8
wlan0 (phy #0): deauth 05:f0:21:1e:5b:08 -> 6c:99:ed:40:43:e8 reason 3: Deauthenticated because sending station is leaving (or has left) the IBSS or ESS
wlan0 (phy #0): disconnected (local request)
phy #0: regulatory domain change: set to world roaming by the wireless core upon initialization request
regulatory domain change: set to GR by a user request




Listen to events --see auth/assoc/deauth/disassoc frames
# iw event -f
with timing information (epoch.123456)
# iw event -t


Set regulatory domain to world_roaming? 0x00
# iw reg get
country GR:
    (2402 - 2482 @ 40), (N/A, 20)
    (5170 - 5250 @ 80), (N/A, 20)
    (5250 - 5330 @ 80), (N/A, 20), DFS
    (5490 - 5710 @ 80), (N/A, 27), DFS
    (57240 - 65880 @ 2160), (N/A, 40), NO-OUTDOOR
# iw reg set 00
# iw reg get
country 00:
    (2402 - 2472 @ 40), (N/A, 20)
    (2457 - 2482 @ 40), (N/A, 20), PASSIVE-SCAN, NO-IBSS
    (2474 - 2494 @ 20), (N/A, 20), NO-OFDM, PASSIVE-SCAN, NO-IBSS
    (5170 - 5250 @ 160), (N/A, 20), PASSIVE-SCAN, NO-IBSS
    (5250 - 5330 @ 160), (N/A, 20), DFS, PASSIVE-SCAN, NO-IBSS
    (5490 - 5730 @ 160), (N/A, 20), DFS, PASSIVE-SCAN, NO-IBSS
    (5735 - 5835 @ 80), (N/A, 20), PASSIVE-SCAN, NO-IBSS
    (57240 - 63720 @ 2160), (N/A, 0)


Show link status
# iw dev wlan0 link




iw linux voyage



simple git backup server

Simple git Backup Server Notes

Server

Install git on the server
# apt-get install git-core


Create a 'bare' repository on the storage server
$ cd ~
$ mkdir test
$ git init --bare test
Bare are repositories without a working directory, suitable for storage.

Workstation

Generate public and private key pair and copy the public key to the server
$ ssh-keygen -t rsa
$ ssh-copy-id user@server


Create a local repository and push it to the storage server
$ mkdir test
$ cd test
$ echo hi > test.txt
$ git init
$ git add test.txt
$ git commit -m 'first-commit-message'
$ git remote add origin ssh://user@server:/home/user/test
$ git push origin master








Simple git backup Server



bif

bif is a basic iptables firewall setter script



Installation
# git clone https://github.com/ipduh/bif.git
# cd bif/ && chmod 755 install.sh && ./install.sh


Configuration
Edit /etc/bif
Most likely, you will have to adjust WHITE_LIST, BAD_IP_URL and OPEN_INBOUND_TCP

Initialization
# /etc/bif














bif



winbox debian 64b jessie

Install winbox on a
# uname -a
Linux some-desktop 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1 (2015-05-24) x86_64 GNU/Linux
# cat /etc/debian_version 
8.1


Uninstall wine and remove it's configuration directory
# apt-get remove wine --purge
# rm -r ~/.wine


Install wine32
# apt-get install wine32


Run winbox
$ wine winbox.exe




Install winbox on debian jessie

svn immediates

Notes on svn commits ( add a directory to a project ) without having to download the whole project.

checkout project skeleton --empty 2ond level project directories
$ svn co --username=user --depth=immediates http://myrepo.net/svn/dev/

 --depth immediates 

Include the immediate target of the operation and any of its immediate file or directory children. The directory children will themselves be empty.


add a directory
$ svn add mydir


$ svn ci -m "importing mydir"


For more complicated sparse checkouts lookup
co --depth files ,
up --set-depth infinity dir1 dir2 ,
up --set-depth emty dir3 dir4






svn immediates

iperf

Messing around with iPerf in a 1000BASE-T Ethernet LAN



Set an iPerf TCP server
beryllium:~# iperf -s -B 172.31.1.2
------------------------------------------------------------
Server listening on TCP port 5001
Binding to local address 172.31.1.2
TCP window size: 85.3 KByte (default)
------------------------------------------------------------




Measure achievable TCP bandwidth with iPerf from another host
lithium:~# iperf -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 44159 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   982 MBytes   823 Mbits/sec



Seen on server
beryllium:~# iperf -s -B 172.31.1.2
------------------------------------------------------------
Server listening on TCP port 5001
Binding to local address 172.31.1.2
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.2 port 5001 connected with 172.31.1.1 port 44159
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   982 MBytes   823 Mbits/sec



Set an iPerf UDP server
beryllium:~# iperf -s -u -B 172.31.1.2
------------------------------------------------------------
Server listening on UDP port 5001
Binding to local address 172.31.1.2
Receiving 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------



Measure achievable UDP bandwidth with iPerf from another host
lithium:~# iperf -u -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 60431 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec  1.25 MBytes  1.05 Mbits/sec
[  3] Sent 893 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec  1.25 MBytes  1.05 Mbits/sec   0.055 ms    0/  893 (0%)

Which appears to be a NOT Good way to do UDP bandwidth measurements, because iperf tries only the default or the set rate and UDP has no way of determining the pipe capacity or congestion.

Since, I know that that both hosts have gigabit ethernet interfaces and they are in the same gigabit LAN, I should try to set the bandwidth to something closer to 1000Mb/s
lithium:~# iperf -u -c 172.31.1.2 -b 1000M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 49712 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   909 MBytes   763 Mbits/sec
[  3] Sent 648395 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   908 MBytes   762 Mbits/sec   0.012 ms  549/648394 (0.085%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order


hmm, what if
# iperf -u -c 172.31.1.2 -b 800M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 46421 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   919 MBytes   771 Mbits/sec
[  3] Sent 655661 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   919 MBytes   771 Mbits/sec   0.012 ms    1/655660 (0.00015%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order


greater rate or just better timing ...
less stuff going on in the LAN,
we need a few more tests ...
lithium:~# iperf -u -c 172.31.1.2 -b 1000M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 56018 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   942 MBytes   790 Mbits/sec
[  3] Sent 671758 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   940 MBytes   789 Mbits/sec   0.008 ms  941/671757 (0.14%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order
lithium:~# iperf -u -c 172.31.1.2 -b 1100M
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 48590 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   941 MBytes   789 Mbits/sec
[  3] Sent 671138 datagrams
[  3] Server Report:
[  3]  0.0-10.0 sec   937 MBytes   786 Mbits/sec   0.016 ms 2547/671137 (0.38%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order


but still less bandwidth than in the TCP tests, I want to make it say more in UDP , what if I try 2 or 3 client threads?
lithium:~# iperf -u -c 172.31.1.2 -b 1000M -P 2
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44169 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 46647 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   570 MBytes   478 Mbits/sec
[  4] Sent 406535 datagrams
[  3]  0.0-10.0 sec   570 MBytes   478 Mbits/sec
[  3] Sent 406862 datagrams
[SUM]  0.0-10.0 sec  1.11 GBytes   957 Mbits/sec
[  4] Server Report:
[  4]  0.0-10.0 sec   570 MBytes   478 Mbits/sec   0.023 ms  268/406534 (0.066%)
[  4]  0.0-10.0 sec  1 datagrams received out-of-order
[  3] Server Report:
[  3]  0.0-10.0 sec   570 MBytes   478 Mbits/sec   0.112 ms  169/406861 (0.042%)
[  3]  0.0-10.0 sec  25 datagrams received out-of-order
lithium:~# iperf -u -c 172.31.1.2 -b 1000M -P 3
------------------------------------------------------------
Client connecting to 172.31.1.2, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  208 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 42214 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 43282 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 45155 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  5]  0.0-10.0 sec   380 MBytes   319 Mbits/sec
[  5] Sent 271093 datagrams
[  3]  0.0-10.0 sec   380 MBytes   319 Mbits/sec
[  3] Sent 271140 datagrams
[  4]  0.0-10.0 sec   380 MBytes   319 Mbits/sec
[  4] Sent 271280 datagrams
[SUM]  0.0-10.0 sec  1.11 GBytes   957 Mbits/sec
[  5] Server Report:
[  5]  0.0-10.0 sec   380 MBytes   319 Mbits/sec   0.162 ms   46/271092 (0.017%)
[  5]  0.0-10.0 sec  69 datagrams received out-of-order
[  3] Server Report:
[  3]  0.0-10.0 sec   380 MBytes   318 Mbits/sec   0.021 ms  284/271139 (0.1%)
[  3]  0.0-10.0 sec  1 datagrams received out-of-order
[  4] Server Report:
[  4]  0.0-10.0 sec   380 MBytes   319 Mbits/sec   0.282 ms  242/271279 (0.089%)
[  4]  0.0-10.0 sec  10 datagrams received out-of-order


What if I try TCP bandwidth tests with 2 and 3 client threads ?
lithium:~# iperf -c 172.31.1.2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 44165 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   977 MBytes   819 Mbits/sec
lithium:~# iperf -c 172.31.1.2 -P 2
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  4] local 172.31.1.1 port 44167 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 44166 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   564 MBytes   473 Mbits/sec
[  3]  0.0-10.0 sec   553 MBytes   464 Mbits/sec
[SUM]  0.0-10.0 sec  1.09 GBytes   937 Mbits/sec
lithium:~# iperf -c 172.31.1.2 -P 3
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 44170 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 44169 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 44168 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec   373 MBytes   313 Mbits/sec
[  3]  0.0-10.0 sec   374 MBytes   313 Mbits/sec
[  5]  0.0-10.0 sec   375 MBytes   314 Mbits/sec
[SUM]  0.0-10.0 sec  1.10 GBytes   940 Mbits/sec
lithium:~# iperf -c 172.31.1.2 -P 4
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  5] local 172.31.1.1 port 44173 connected with 172.31.1.2 port 5001
[  6] local 172.31.1.1 port 44174 connected with 172.31.1.2 port 5001
[  3] local 172.31.1.1 port 44171 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 44172 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   281 MBytes   236 Mbits/sec
[  4]  0.0-10.0 sec   280 MBytes   235 Mbits/sec
[  5]  0.0-10.0 sec   280 MBytes   235 Mbits/sec
[  6]  0.0-10.0 sec   281 MBytes   236 Mbits/sec
[SUM]  0.0-10.0 sec  1.10 GBytes   941 Mbits/sec
lithium:~# iperf -c 172.31.1.2 -P 5
------------------------------------------------------------
Client connecting to 172.31.1.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 172.31.1.1 port 44176 connected with 172.31.1.2 port 5001
[  5] local 172.31.1.1 port 44178 connected with 172.31.1.2 port 5001
[  4] local 172.31.1.1 port 44175 connected with 172.31.1.2 port 5001
[  6] local 172.31.1.1 port 44179 connected with 172.31.1.2 port 5001
[  7] local 172.31.1.1 port 44180 connected with 172.31.1.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   223 MBytes   187 Mbits/sec
[  4]  0.0-10.0 sec   225 MBytes   189 Mbits/sec
[  6]  0.0-10.0 sec   225 MBytes   188 Mbits/sec
[  7]  0.0-10.0 sec   224 MBytes   188 Mbits/sec
[  5]  0.0-10.0 sec   226 MBytes   189 Mbits/sec
[SUM]  0.0-10.0 sec  1.10 GBytes   941 Mbits/sec





next, meausure in the same setup with iperf3



Options Used


-B, --bind 
    bind to , an interface or multicast address

-s, --server
    run in server mode

-D, --daemon
    run the server as a daemon

-b, --bandwidth n[KM]
    set target bandwidth to n bits/sec (default 1 Mbit/sec).  This setting requires UDP (-u).

-u, --udp
    use UDP rather than TCP

-P, --parallel n
    number of parallel client threads to run







iperf

debian add printer

Add an IP printer in debian

Install the Common UNIX Printing System --PPD/driver support, web interface, and the client programs
# apt-get install cups cups-client


Use a web-browser to go to http://localhost:631/
and then,
Adding Printers and Classes -> Add Printer
--you may use the root account credentials or add a user to lpadmin.

There is a good chance that you will not see the appropriate PDD there.

For HP printers you may use hplip, go to http://hplipopensource.com/hplip-web/supported_devices/index.html and select the printer model e.g. http://hplipopensource.com/hplip-web/models/officejet/hp_officejet_pro_8610.html for office jet pro 8610.



Download hplip and run it, the automatic installation worked for me in debian jessie



debian add printer



wpa debian

Notes on connecting to an 802.11X/WPA AP with wpa_cli

enable interface
# ifconfig wlan0 up


scan
# iwlist wlan0 scan
or

# iwlist wlan0 scan |egrep -i "ssid|signal|frequency|authenti"
to see just ESSID , Signal Strength , Quality, Frequency and Authentication suites for each cell

Interactive configuration of wpa_supplicant with wpa_cli
# echo "ctrl_interface=/run/wpa_supplicant" >> /etc/wpa_supplicant/t.conf
# echo "update_config=1" >> /etc/wpa_supplicant/t.conf
# wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/t.conf


Associate/Authenticate with the "thESSID" ssid
# wpa_cli
>scan
> scan_results
> add_network
0
> set_network 0 ssid "thESSID"
OK
> set_network 0 psk "thePASSWD"
OK
> enable network 0
OK
> save_config
OK
> quit


and then request an IP address from the DHCP server or set one manually
# ifconfig wlan0 192.168.168.13/24




wpa_cli debian

unmount all samba filesystems

Unmount all cifs ( samba ) shares.
# umount -a -t cifs -l






unount samba shares