19
Aug

Slow Windows 8(.1) Samba share access?

   Posted by: dave   in Linux, Software, Techie Stuff

I’ve been having difficulties with Samba shares on my Synology NAS for a few weeks. I’ve no idea when it started being troublesome, but it’s been quite a while.
Well, it turns out the fix is reasonably simple, and comes down to the fact that the samba implementation on the NAS is not yet up to date witb the current SMB (the protocol) specs. Understandable given that Windows 8 and 8.1 both changed the game slightly.
Well, if you, like me, are having difficulties with Windows 8.1 and Samba shares being very very slow to use, help is at hand:

Run gpedit.msc (windows key, type gpedit.msc and press enter – will work on any version of Windows)
In the navigation window that pops up, alter the following settings:
Microsoft network client:
Send unencrypted password to third-party SMB server:
Set to “Enabled”.
Network security:
LAN Manager authentication level:
Select the option in the dropdown selection “Send LM & NTLM – use NTLMv2 session security if negotiated.”

Reboot. With any luck, your samba shares will now be a whole lot quicker to use, as mine are again.

Windows 8 to Windows 8 Pro anytime upgrade is an excellent bit of kit. However, if you had ipv6 working before, and you added Pro to get the nice extras like Hyper-V (as I did), as soon as you install the Hyper-V role, all your lovely handcrafted ipv6 settings will be lost, and it seems to me that it also “lost” the jumbo frame support I’d enabled. This latter was because – it seems – that after installing Hyper-V, you’re running of a bridged network adapter. Now your original adapter which you’d set up jumbo frames on still (probably, mine did) have jumbo frames still enabled, the bridge adapter didn’t propagate the settings. Likewise, although it may have propagated the ipv6 address you set on your adapter, it’s probably forgotten to propagate them (especially, in my case the ipv6 nameserver and default gateway) across to the bridge.

So there you have it. Check ipv6 settings carefully after installing the Hyper-V role. This may be true of a native Windows 8 Pro installation; getting ipv6 working ahead of a Hyper-V role install may trigger the same problem, I really doubt that it was the Home->Pro update which caused the problem.

30
Jul

logging in and out of a linux iscsi target

   Posted by: dave   in Linux, Techie Stuff

Show target state:

iscsiadm -m session

Log out of all targets (for, say, an iSCSI provider firmware update):

iscsiadm –m node –u

Log out of individual target:

iscsiadm –m node –u –T iqn-domain-name –p server-address:3260

Log into individual target:

iscsiadm -m node -l -T iqn-domain-name -l -p server-address:3260

Log into all targets:

iscsiadm –m node –l
25
Jul

ConfigServer firewall and KVM/QEMU.

   Posted by: dave   in Linux, Software, Techie Stuff

You’ve decided that you need a modicum of security on your virtualisation host, and you’ve picked ConfigServer firewall as your software of choice.
You’ve installed it, and all the ports have been let through, the host is happy.

Except that now, none of the guests are – their networking is now as dead as a dodo.

The file you need to know about is /etc/csf/csfpost.sh
The second thing you need to realise is that the firewall is set up to be a client firewall – the end-user of packets so to speak. It’s not expecting to be forwarding packets on. But that’s exactly what your host is now doing for the guests.

So. That file. Edit it and add the following, which tells configserver firewall to add the following rules as well as the ones it creates itself:

1
2
3
IPT=/sbin/iptables
$IPT -F FORWARD
$IPT -P FORWARD ACCEPT

Then, 6 weeks later when you realise that the long pauses when connecting to dual-stack ipv6 hosts are because it’s attempting an ipv6 connection then falling back to ipv4 when that fails.

An additional clue that what I’m describing is the cause of the problem is that a ping6 from the guest will fail with the error: “Destination unreachable: Address unreachable”.

What will actually be happening, if you break out wireshark, is that the neighbor discovery packets are not being answered, so your box can’t find the router it needs to communicate with the outside world.

So, you edit the file again, and you add the following lines:

4
5
6
IPT6=/sbin/ip6tables
$IPT6 -F FORWARD
$IPT6 -P FORWARD ACCEPT

Tada! That’ll teach you not to think about things up front, won’t it?

If you’ve got a Netgear Smart switch with the LAG feature (I’ve just got a GS724Tv3), *and* you use jumbo frames on your network, beware of a really nasty gotcha in the switch’s management interface.
When you enable Jumbo frames on the ports in the switch, you enable 9216 as the maximum frame size on all the ports and then set up the LAG.
What you must *also* do is, once the LAG is created, is to go back to the ports page, and hit the LAGS “page” (not exactly obviously signposted as such, but at the top of the ports table, above the “Description” header there’s a LAGS link. Click that, then enable 9216 bytes across the LAG that you created. This is the critical step, and means that although the ports were configured for 9216 byte packets, when the LAG was created it didn’t propagate this frame size to the LAG from both the ports.

If you find this and it helps, you’re welcome.
My Synology NAS (DS412+) works in link aggregation mode with jumbo frames enabled flawlessly, once I’d figured out that the LAG is created as a virtual port and you need to make the non-obvious adjustment.

1
Dec

VirtualBox 4.3 with 64bit guests

   Posted by: dave   in General

For anyone else having issues with Virtualbox guests detecting ony a 32bit CPU (despite having ticked the “I/O APIC” option in Settings->System on the motherboard tab, I had the same problem, until I enabled a couple of options in the VMs settings via the command line. This was on Ubuntu 13.10 host:

sudo VBoxManage modifyvm “Test W7″ –acpi on
sudo VBoxManage modifyvm “Test W7″ –longmode on

I would guess that it was the second of these commands which made it work, but I present both “just in case”.

It turns out that unless you tell the wizard that you’ve got a 64 bit guest at the time that the VM is created (in this case, I was re-using an old one) then VB doesn’t actually enable 64bit CPUs for the guest. –longmode on (above) is what does the business in this case.

17
Nov

Linux network bridge devices.

   Posted by: dave   in General

When you’re setting up a virtual machine on Linux using KVM/QEMU, you’ll more than likely need to setup a bridged network device.

I’ve done this now a couple of times, and both times the network has “hung” during bootup.  It seems that this is because I’m also enabling an MTU size of 9000 (Gigabit ethernet with jumbo frames) using the mtu stanza in the br0 section of /etc/network/interfaces.

This is Not The Done Thing, by all accounts.  When setting up the MTU on a bridge device, one apparently needs to use the post-up stanza to add the command

ifconfig eth0 9000

to the interface. This sets the mtu on the interface which br0 is bridging – in my case eth0, you’ll need to edit to suit your configuration.

This will solve the long bootup problem, and cause jumbo frames to be enabled at the point the interface is brought up. When connecting to my iSCSI target on the SAN, this makes the transfers no end quicker.

17
Jan

Updating PHP (or adding modules)

   Posted by: dave   in Techie Stuff

My first instinct when wanting to add a module to PHP is to hit the shell.  However, in cPanel, this is somewhat harder to do.  Especially as on my CentOS 5.4 x_64 build, yum appears to be broken irretrievably – I’ve installed the EPEL repo, but cannot select any software to install from it (I was after the php-mbstring package, I understand).

However, cPanel to the rescue.  Hit WHM as your root user, and go to “Software”.  In there, is an “Easy Apache” section.  Go through the “wizard” presented, and fill in the details you want (I’d base the settings on the existing build if I were you).  In step 5, use the “exhaustive options list” and select all the modules you want.

Having filled in the configuration filename, description and extended description boxes, push the “build” button and let cPanel chunter away for a bit.  You’ll then be asked about suExec and default PHP handlers for .php types.  Accept the defaults (or the settings you had last time if you’re conservative, although for me, these were the same) and away you go.  I’ve now got mysqli and mbstring (why aren’t these default modules anyway?) installed on the server.  No yum needed, Hurrah!

27
Dec

Linux clipboards.

   Posted by: dave   in Linux

Linux has – for historical reasons – two clipboards.  One is the one that old X hands will know and love, the other is the new one.  And the two are completely separate.  If you put text in the copy-buffer (the X windows style clipboard), then you attempt to paste out into a new-style application, nothing will happen.  Likewise the other way around, copy out of an application that uses the new style clipboard and the X applications won’t know there’s any text in the clipboard.  Because there isn’t.

So.  How to get around this problem?  On debian/ubuntu, there’s a package (which isn’t installed by default) available to install.  autocutsel.  It’s a background application which knows about both styles of clipboard and attaches to both.  When one changes, it’ll synchronise the two clipboards.

Downside?  If you’re used to two clipboards and know which applications use which clipboard (and you exploit this mercilessly) then you’re going to lose the contents of the “other” clipboard with this running.  Enough of a bummer to stop me using it?  Nope.  It’s a beautiful little application which allows me to copy and paste between all my applications – including those pesky mono applications.  Yay!

30
Nov

The problem with Linux and proprietary modules

   Posted by: dave   in Linux

A kernel upgrade (from 3.5.0-18 to 3.5.0-19) has just borked my two binary modules that I load.  The video card and the wireless network. So absolutely nothing to worry about there then. Just the two most important pieces of a modern Linux system.

The video card problem manifested by the window manager (compiz) crashing, so there were no title bars, the launcher had gone and the task panel was absent. Absolute PITA getting anything to run, and god help you if X decided that the window you wanted to type into just isn’t going to accept focus!

Firstly, after a kernel upgrade, one always needs the correct kernel headers to compile the wrappers for the modules:

apt-get install linux-headers-$(uname -r)

The wireless network card was taken care of by the following two commands:

/usr/bin/apt-get purge bcmwl-kernel-source broadcom-sta-common broadcom-sta-source
/usr/bin/apt-get install b43-fwcutter firmware-b43-installer

The ATI module was done by just running the ATI proprietary driver installer again (which I had lying about in my home directory).

All from a text-console, of course. I was lucky in that my laptop has both wired and wireless. If you’ve only got wireless network connectivity, you’ll need to download the .deb files that apt gets above and install them manually with dpkg.

sudo update-rc.d /etc/init.d/<scriptname> defaults

Also, for those newfangled keyboards without a numlock key (irritating, isn’t it?) then you need the numlockx binary, from debian/ubuntu package numlockx.

Just run “numlockx toggle” to toggle the current state of the numlock key – or “numlockx on” or “numlockx off” to set the state explicitly.

Now, combine that with the startup script hint above, and you’ve got a numpad again.  Top stuff…

Alternatively, you can – it seems – go to the system settings tab in Ubuntu, choose Keyboard, choose “Layout Settings”, click “Options” and in “Miscellaneous compatibility options”, select the “Numeric keypad keys always enter digits (as in Mac OS)”.  This has much the same effect.  But you don’t learn anything about the ubuntu startup scripts this way :P

27
Oct

Ubuntu 12.04 post-install tweaks.

   Posted by: dave   in Linux

Uninstall gnome-screensaver, install ubuntu packages:
xscreensaver
xscreensaver-data
xscreensaver-data-extra
xscreensaver-gl
xscreensaver-gl-extra
xscreensaver-screensaver-bsod
xscreensaver-screensaver-dizzy
xscreensaver-screensaver-webcollage
rss-glx

After installing rss-glx, you’ll need to run glx_install to install the rss screensavers. And that’s Really Slick Screensavers, not RSS

You’ll also need to setup the screensaver to auto-start when you log-in.  Search for “Startup” in Unity, then add an item in that utility, pointing to /usr/bin/xscreensaver

Additionally, you’ll (probably) want to remove the unity-lens-shopping package too – it slows the unity search panel down massively, and – for me at least – will never do anything useful. If I want to search amazon, I’d be on the amazon website.

Other packages you’ll be wanting at some point:

keepass2
mono-complete (required by keepass2; don’t just install the ‘mono’ package)

There’s massive kinks involved with keepass2 on linux (because of mono) – and the fact that Ubuntu has a script to start keepass2 (/usr/bin/keepass2 is a shell script, and so is not what you configure the keefox plugin for the location of KeeFox (that’d be /usr/lib/keepass2 instead).

Add another auto-startup for keefox by adding /usr/bin/keefox2 in the startup programs (like you did for xscreensaver, above).

I’m sure there’s more, but that’ll do for now. When something occurs to me, I’ll put it up here.

So far, though, Ubuntu 12.04 has just workedTM for me on this HP laptop.

26
Aug

Winbox and Virtual Machine network adaptors

   Posted by: dave   in General

Simple explanation:

Winbox and VM network adaptors don’t work together. This is confirmed by me with Oracle VirtualBox, but others have the same problem with other VM providers too.
Took me the best part of three hours to find this out.
Officical confirmation here.

17
Aug

Gah, Damn, Sod It.

   Posted by: dave   in General

Microsoft Visual Studio (up to 2008, don’t have 2010 so can’t test it) don’t support unicode correctly.
They expect to see UTF-16LE encoded text (must have the correct format BOM too).
If you present them with UTF-16BE (with the correct BOM) then they corrupt the file by assuming it’s LE encoded.
This means that a file written using perl with the :encoding(utf-16) will not be read correctly, you’ll get garbage in the editor, and the compiler will emit strange errors.
If the file is output from perl using the :encoding(utf-16le) method, then the file is *still* corrupt. However, this time it’s Perl’s fault as it’s not written out the BOM to the file.
This last point is relatively easily worked-around in perl, but it’s still bad that it’s not standards compliant, just like Visual Studio isn’t.

Gah! We can’t win.

29
Jun

Windows 7 & ipv6

   Posted by: dave   in General, Software, Techie Stuff

My windows 7 has been native ipv6 (dual stacked with legacy ip addresses) for quite some time. I’ve only just discovered how to get it to use a static IPv6 address over the autoconfigured IPv6 address (the reason is that the statically allocated ipv6 address is way more memorable than the MAC address of the windows 7’s wireless adapter).

Anyway; basically Windows 7 likes to use the autoconfigured ipv6 address in preference; we need to tell the stupid thing that the static one should be the default.
In an administrator command prompt, type:

netsh interface ipv6 show interfaces

And look for the interface name for the adapter that’s currently connecting you to the internet.

Using this name, type in the command:

netsh interface ipv6 set interface "<interface name>" advertise=enable managed=enable

Replace <interface name> with the name you found in step 1.  Keep the quotes, lose the angle brackets.

This will tell windows that you really know what you’re doing, and it can use the ipv6 address in the network connection’s ipv6 static dialog box (which you’d already configured fully, right?) and forget about that monstrousity it auto generated from the MAC address.  Job done.

Clicky

The link gives all information required to change where windows 7 looks to find out what the status of the currently connected network is.
I wish I’d have thought of doing this earlier – it occurred to me that it *must* be sending probes out somewhere, but I never followed the thought up :(

4
Jan

Testing syntax highlighter

   Posted by: dave   in General

1
2
3
4
5
6
#include <streams>
 
int main(int argc, char * argv[])
{
   cout << "Hello World!\n";
}

Well, that works ok. Except that wordpress seems to insert a space between the stream output operator characters. And also thinks that <stream> is an HTML tag that needs closing. So it’s a bit of a nightmare really. But I think it’s workable. Not that I’m planning to put code up here, of course…
EDIT: Solved. Use the attribute ‘escaped=”true”‘ and use only HTML entities in the source. Coolio. Excellent plugin. WP-Syntax

7
Jul

Spammer accounts deleted.

   Posted by: dave   in General

Some of you may now be account-less, for which I’m sorry. A load of spammers just created 360 accounts on this blog and I’ve had to do a bulk-erase. Any of you that have had your accounts deleted by accident, I’m sorry.

12
Apr

IPv6 is here – happy days!

   Posted by: dave   in Techie Stuff

Well, ipv6 works. This may not come as a big surprise to some of you, but more specifically, I’ve got native IPv6 working on my ADSL line. Thanks to my ISP, I’ve managed to set up the ADSL modem to be bridged, and my main router uses PPPoE to connect to them to achieve connectivity.
The router is an RB750 which for 40 quid all-in is quite a bargain, by the way – and in version 5 of the OS it runs, it’ll do ipv6 over ppp! So I got the allocation from the ISP, plugged in the relevant things into the router (not forgetting the all important ::/0 default route to direct packets up the PPPoE link, thanks to Michael for the tip) and it’s all working.
ipv6.google.com resolves, connects, and displays a page.
Even better, so does http://www.ipv6porn.co.nz/

6
Apr

IPv6 on the horizon

   Posted by: dave   in Techie Stuff

In the latest of the sporadic updates, I’m preparing my home internet for IPv6 with the little routerbox. I’ve enabled PPPoE logins, and my ISP is preparing a set of IPv6 addresses to route at me. With any luck, I’ll be IPv6 enabled by next week. This site is hosted elsewhere, I’ve got no idea when they’re going to do their migration, but all my sites hosted at home will be available on the next gen internet protocol.

Oh, and advice to ZyXEL P660R-D1 ADSL modem owners: If you’re thinking of going from routing mode to bridging mode (for PPPoE clients behind the modem), do a modem reset beforehand – my device failed to work in PPPoE bridging mode until I’d factory reset it. I suspect that this was down to the fact I’d got static routing rules in the device, but I can’t be sure about that, and I am disinclined to debug the kit.

Good times!