11 Jan 2017
This Blogpost describes how you can use your Logitech F710 controller on a Windows 10.
For some reasons the offical Logitech driver doesn't work on Windows 10. But you can just
use the Xbox driver, here is how:
Right click -> Update Driver Software... -> Browse my computer for driver software -> Let me pick from a list of device drivers on my computer -> Xbox 360 Peripherals -> Xbox 360 Wireless Receiver for Windows.
I would have made a short video how this works but Nvidia Shadowplay also doesn't work.
03 Jan 2017
My Windows 8 had some weird problems today. Since I migrated this specific installation over three
different hardware configurations, I didn't try to solve it. Instead I just reinstalled a Windows 10.
The installation of Windows 10 went smooth, even the creation of the USB stick worked at the first try.
But I wouldn't write a blog post if everything went flawless. Grub was unable to boot my new Windows 10.
And a simple rebuild didn't fix the problem.
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
It made it even worse after that the Windows option was vanished from my boot menu.
So to fix this you need to recreate the Windows EFI files. To do this, start diskpart and find your
EFI partition. It's the one which is FAT formated and around 200MB large.
DISKPART> list vol
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 FAT Partition 200 MB Healthy System
Volume 1 RAW Partition 585 GB Healthy
Volume 2 NTFS Partition 345 GB Healthy
Volume 3 E System Rese NTFS Partition 500 MB Healthy
Volume 4 C NTFS Partition 223 GB Healthy Boot
DISKPART> sel vol 0
Volume 0 is the selected volume.
DISKPART> assign letter=b:
DiskPart successfully assigned the drive letter or mount point.
DISKPART>
This mounts the EFI partition to the letter b.
Then open a cmd as admin and create the Microsoft\Boot directory and create the EFI boot files:
md b:\EFI\Microsoft\Boot
cd /d b:\EFI\Microsoft\Boot
bcdboot c:\Windows /s b: /f ALL
Now it's time to restart linux and recreate our grub config with:
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
Now everything works again.
13 Aug 2016
Perhaps you read the blog post Build a DNS server on NetBSD.
This is essentially the same thing except I use debian this time. The idea behind this is if one system goes down the other
one should be running. So basically diversity for zero DNS downtime. (There will be a third blog post with images of the hardware I used)
I used the raspbian lite image from the official raspberrypi site.
So as always unzip it and dd it to the right sd card.
$ unzip 2016-05-27-raspbian-jessie-lite.zip
$ sudo dd if=2016-05-27-raspbian-jessie-lite.img of=/dev/sde
2709504+0 records in
2709504+0 records out
1387266048 bytes (1.4 GB) copied, 169.065 s, 8.2 MB/s
Now you can start your pi and login in with user:pi & password:raspberry.
It's highly recommended to change your password with passwd. Also always
a good idea is to upgrade your system.
apt-get update && apt-get upgrade
Configure a static IP on your interface:
$ cat /etc/dhcpcd.conf
# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.
noarp
interface eth0
static ip_address=192.168.17.6/24
static routers=192.168.17.1
Now we are ready to install dnsmasq
sudo apt-get install dnsmasq
We can use now the exact same config files as in the previous post.
/etc/dnsmasq.conf
# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
resolv-file=/etc/resolv.conf.dnsmasq
# Add other name servers here, with domain specs if they are for
# non-public domains.
server=/XXXX.loc/192.168.XXX.XXX
# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/l33t.network/
# Set the cachesize here.
cache-size=500
/etc/resolv.conf.dnsmasq
nameserver 85.214.73.63
nameserver 208.67.222.222
nameserver 62.141.58.13
/etc/hosts
# = IP = = Domainname = = PC name =
192.168.17.1 pandora.l33t.network pandora
192.168.17.5 janus.l33t.network janus
192.168.17.30 atlas.l33t.network atlas
The only thing that slightly changes is the path of the first config file.
Side note since I use a resolv-file you need for some reasons also
edit /etc/default/dnsmasq and uncomment this line: IGNORE_RESOLVCONF=yes.
Now you can restart dnsmasq and your DNS server is ready to use.
10 Jul 2016
I run localy a dnsmasq server as my primary DNS server. This has two main
reasons the first one is that it's really simple and small. Secondly it's platform indipenden, meaning
I can run it on my NetBSD but also on my FreeBSD or even on linux. This means also I can just reuse the same config files.
Let's get started you need the right NetBSD image for your Raspberry Pi, if I'm not mistaken
it should be evbarm-earmv6hf for a Raspberry Pi 1 and evbarm-earmv7hf for the newer ones (Raspberry Pi 2 & 3).
Here is how to download it and flash it to your SD card.
Warning: as always double check that you are flashing your SD card and not something else!
wget https://cdn.netbsd.org/pub/NetBSD/NetBSD-8.0/evbarm-earmv7hf/binary/gzimg/armv7.img.gz
gunzip rpi.img.gz
sudo dd if=rpi.img of=/dev/sdX
And thats all preparation needed, now you can plug a keyboard, ethernet, the SD card and HDMI cable in your
Raspberry Pi and power it up. Then you just need to wait until the system has resized the root filesystem and
prepared everything else.
The first thing you should do is to login as root and set a password for the root account.
After that you can add a user like this (the wheel group is necessary to use su later):
useradd -m -G wheel l33tname
passwd l33tname
Also recomended is to edit /etc/rc.conf I changed the hostname and configured a static ip, meaning disable
dhcpcd. Here are the important bits:
hostname=janus
ifconfig_usmsc0="192.168.17.5 netmask 0xffffff00"
defaultroute=192.168.17.1
#dhcpcd=YES
sshd=YES
After a reboot you should be able to login with your new user over ssh.
Now you need time, downloading and unpacking or a cvs checkout of all ports take some time on a
old Raspberry Pi.
Using the cvs source:
cd /usr && cvs -q -z2 -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
Or download the tar archive:
ftp ftp://ftp.netbsd.org/pub/pkgsrc/pkgsrc-2016Q2/pkgsrc.tar.gz
su
tar -xzf pkgsrc.tar.gz -C /usr
I use cvs because you can update it with:
cd /usr/pkgsrc && cvs update -dP
But read Where to get pkgsrc and how to keep it up-to-date for
more informations.
With the pkgsrc in place we can compile and install dnsmasq.
cd /usr/pkgsrc/net/dnsmasq
make
make install
cp /usr/pkg/share/examples/rc.d/dnsmasq /etc/rc.d/
The configuration is simple you only need 3 files. The first one is the main configuration which
is located in /usr/pkg/etc/dnsmasq.conf
# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
resolv-file=/etc/resolv.conf.dnsmasq
# Add other name servers here, with domain specs if they are for
# non-public domains.
server=/XXXX.loc/192.168.XXX.XXX
# Set the cachesize here.
cache-size=500
As you can see the dns upstream servers are configured in /etc/resolv.conf.dnsmasq I'm using
these serveres, but feel free to use any other dns server you trust.
nameserver 85.214.73.63
nameserver 208.67.222.222
nameserver 62.141.58.13
And last but not least the /etc/hosts file where you now can add all your hosts.
# = IP = = Domainname = = PC name =
192.168.17.1 pandora.l33t.network pandora
192.168.17.5 janus.l33t.network janus
192.168.17.30 atlas.l33t.network atlas
And that's it you are almost finished with configure your dnsmasq, the last thing is obviously
to start the deamon and test it. So add "dnsmasq=YES" it to /etc/rc.conf and start it with service dnsmasq start.
Test it with somethin like dig:
$ dig pandora @192.168.17.5 | grep pandora
; <<>> DiG 9.10.3-P4-RedHat-9.10.3-9.P4.fc22 <<>> pandora @192.168.17.6
;pandora. IN A
pandora. 0 IN A 192.168.17.1
06 May 2016
I use pfSense on my primary home router. And it's awesome! If you haven't tried it, you should absolutely https://www.pfsense.org/.
It's based on FreeBSD and since the last update to 2.3.0 it even looks nice. Because my internet provider doesn't provide a static
IP I use Dynamic DNS. Dynamic DNS is a thing which describes the process of a client with a changing IP keeping a DNS record up to date.
This means every time the client IP changes the client triggers an update of the DNS record for it. With this in place you can access your
home network always over something like dyndns.mydomain.tdl.
I thought it would be easy to setting this up for my home network, well I was wrong. It should be simple pfSense suports DDNS out of the box
Dynamic DNS. And my domain provider has a page which describes how their
DDNS API works: ddns dynamic dns service on your own domain.
So I filled out the DDNS page and it just didn't work. And the advance login is not helpful at all.
That is why I added a bit logging code to /etc/inc/dyndns.class to see what curl does. The result was something like this:
* Trying 45.55.114.21...
* Connected to iwantmyname.com (45.55.114.21) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: CN=iwantmyname.com,O=iwantmyname (ideegeo group Ltd),L=Wellington,ST=Wellington,C=NZ,postalCode=6011,STREET=167b Vivian Street,STREET=Te Aro,serialNumber=2131522,incorporationCountry=NZ,businessCategory=Private Organization
* start date: Apr 10 00:00:00 2015 GMT
* expire date: Apr 25 12:00:00 2017 GMT
* common name: iwantmyname.com
* issuer: CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /basicauth/ddns?hostname=dyndns.domain.tdl&myip=151.XXX.XXX.XXX HTTP/1.1
> User-Agent: curl/7.40.0
> Host: iwantmyname.com
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Server: nginx
< Date: Sun, 01 May 2016 09:45:59 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 8
< Connection: keep-alive
< Set-Cookie: iregistrar_session=1234; path=/; expires=Sun, 01-May-2016 10:15:59 GMT; secure; HttpOnly
< Set-Cookie: csrf_session=1234; path=/; HttpOnly
<
* Connection #0 to host iwantmyname.com left intact
And the response was badauth., so I double checked my username and password but it still didn't work.
The next thing was to recreate this error with curl. For that I checked which arguments are used in the code.
case 'custom':
case 'custom-v6':
if (strstr($this->dnsUpdateURL, "%IP%")) {$needsIP = TRUE;} else {$needsIP = FALSE;}
if ($this->_dnsUser != '') {
if ($this->_curlIpresolveV4) {
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
}
if ($this->_curlSslVerifypeer) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
} else {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
}
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_USERPWD, "{$this->_dnsUser}:{$this->_dnsPass}");
}
$server = str_replace("%IP%", $this->_dnsIP, $this->_dnsUpdateURL);
if ($this->_dnsVerboseLog) {
log_error(sprintf(gettext("Sending request to: %s"), $server));
}
curl_setopt($ch, CURLOPT_URL, $server);
break;
And as you can see in this snipped it's something like this:
$ curl -vv --anyauth "https://iwantmyname.com/basicauth/ddns?hostname=dyndns.domain.tdl&myip=151.XXX.XXX.XXX"
I recreated the error, this was when I figured out that there is no Authentication header in my request. And
now it makes totally sense that my response is badauth, because there is no authentication. The question is now
what does --anyauth. For that I consulted the man page
Tells curl to figure out authentication method by itself, and use the most secure one the remote site claims to support.
This is done by first doing a request and checking the response-headers, thus possibly inducing an extra network round-trip.
This sounds cool but as you can see in the log I don't get a response with a 401 status code and which authentication method are
supported, I just get an 403 Forbidden. Expected would be something like this:
< HTTP/1.1 401 Unauthorized
< Content-Length: 757
< Vary: Accept-Encoding
< Server: nginx
< Date: Fri, 06 May 2016 11:04:43 GMT
< Content-Type: text/html;charset=utf-8
< Www-Authenticate: Basic realm="iwantmyname simple api"
So as a quick fix I just changed
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
to
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
Which works fine. Since now the Basic Authentication is added to the first request. Which looks then like this:
* Server auth using Basic with user 'username'
> GET /basicauth/ddns?hostname=dyndns.domain.tdl&myip=151.XXX.XXX.XXX HTTP/1.1
Host: iwantmyname.com
Authorization: Basic 1234=
For the long term I hope iwantmyname will fix their API. (I will probably update this blog post if that happens).
Update
They fixed it!