DD-WRT Upgrade part two

The upgrade of DD-WRT that I performed this last Saturday brought the version from a 2019 release to a 2022 release. DD-WRT always recommends doing a factory reset of settings before and after flashing a new firmware. As far as I’ve been able to find out, DD-WRT doesn’t provide any way to back up the settings in any form other than a binary download that is not compatible between versions. This shortcoming makes upgrading a router with many customized settings a difficult process.

dd-wrt status screen

I performed the flash upgrade without resetting everything to defaults. It wasn’t until I was going to bed on Saturday night that I realized not all things were working properly. All of the ipv4 services appeared to be working properly. The ipv6 services were not working properly on my internal network clients.

I have a Microsoft Windows Server 2016 Essentials machine running several services including file sharing on my internal network. I also have my Windows 10 desktop, and several Raspberry Pi machines. Some of the Pi machines access the file shares on the server for both reading and writing.

I’ve found that when ipv6 is not allocating global addresses for the windows server and clients, file sharing doesn’t work properly. This is an issue I don’t understand, and don’t want to change the default operation of the windows server or windows client machines, which might create more long term maintenance headaches.

Among the customizations I have set in the router:

  • Router Name
  • Domain Name
  • Local IP (v4) address is 192.168.0.1 instead of 192.168.1.1
  • close to 35 DHCP reservations for machines that run on my internal network.
  • IPv6 enabled and configured for DHCPv6 with Prefix Delegation
  • DDNS service configured as in previous post.
  • Wireless SSID
  • Wireless Password
  • SSH access to the router with rsa keys entered for allowed machines.

I figured out that the primary settings for DHCP and DNS resolution are run using dnsmasq, and the configuration file can be viewed by looking at /tmp/dnsmasq.conf in the ssh console. All of the dns reservations are listed in the form of:

dhcp-host=b0:39:56:78:83:b0,GS108Tv2,192.168.0.123,1440m
dhcp-host=28:c6:8e:09:30:cb,GS108Tv2-LR,192.168.0.125,1440m
dhcp-host=04:a1:51:b0:a6:9a,GS108Tv2-OW,192.168.0.124,1440m

Copying all of them out of the console as one entry and adding them to the Additional Dnsmasq Options field was much easier than pasting MAC addresses, Hostnames, and IP addresses into separate field for each entry.

After adding them via the web interface here, they look exactly like the entries created in the static leases section of the interface. I was hoping that the system would parse them and display them in the static leases section, but it doesn’t seem to do that.

My SSH terminal program is configured to send a series of commands to the console each time I connect which reminds me of the current setup as well as how to examine it after a long time when I’ve not worked on the device.

  • date ; uptime
  • route -A inet
  • route -A inet6
  • ip6tables -vnL
  • cat /tmp/dnsmasq.conf
  • cat /tmp/dhcp6c.conf
  • cat /tmp/radvd.conf
  • ifconfig

I’m currently not dumping the iptables (v4) output simply because there are a large number of rules that don’t get used which takes up a lot of extra space scrolling by.

I’ve compared the ipv4 and ipv6 routes from when ipv6 was not working, and they are identical.

root@Netgear-R7000:~# route -A inet
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         br1-mballard-v1 0.0.0.0         UG    0      0        0 vlan2
24.35.91.128    *               255.255.255.192 U     0      0        0 vlan2
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
192.168.0.0     *               255.255.255.0   U     0      0        0 br0
root@Netgear-R7000:~# route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
2604:4080:1304::/64                         ::                                      UA    256    0        0 vlan2   
2604:4080:1304:8010::/60                    ::                                      U     256    0        0 br0     
fe80::/64                                   ::                                      U     256    0        0 eth0    
fe80::/64                                   ::                                      U     256    0        0 vlan1   
fe80::/64                                   ::                                      U     256    0        0 eth1    
fe80::/64                                   ::                                      U     256    0        0 eth2    
fe80::/64                                   ::                                      U     256    1       23 br0     
fe80::/64                                   ::                                      U     256    0        0 vlan2   
::/0                                        fe80::22c:c8ff:fe42:24bf                UGDA  1024   2      302 vlan2   
::/0                                        ::                                      U     2048   2       38 vlan2   
::/0                                        ::                                      !n    -1     1      372 lo      
::1/128                                     ::                                      Un    0      3       15 lo      
2604:4080:1304::/128                        ::                                      Un    0      1        0 lo      
2604:4080:1304:0:b27f:b9ff:fe83:6590/128    ::                                      Un    0      3       75 lo      
2604:4080:1304:8010::/128                   ::                                      Un    0      1        0 lo      
2604:4080:1304:8010:b27f:b9ff:fe83:6591/128 ::                                      Un    0      3       64 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::/128                                  ::                                      Un    0      1        0 lo      
fe80::b27f:b9ff:fe83:658f/128               ::                                      Un    0      1        0 lo      
fe80::b27f:b9ff:fe83:658f/128               ::                                      Un    0      1        0 lo      
fe80::b27f:b9ff:fe83:6590/128               ::                                      Un    0      3       61 lo      
fe80::b27f:b9ff:fe83:6591/128               ::                                      Un    0      1        0 lo      
fe80::b27f:b9ff:fe83:6591/128               ::                                      Un    0      3       24 lo      
fe80::b27f:b9ff:fe83:659e/128               ::                                      Un    0      1        0 lo      
ff00::/8                                    ::                                      U     256    0        0 eth0    
ff00::/8                                    ::                                      U     256    0        0 vlan1   
ff00::/8                                    ::                                      U     256    0        0 eth1    
ff00::/8                                    ::                                      U     256    0        0 eth2    
ff00::/8                                    ::                                      U     256    2      580 br0     
ff00::/8                                    ::                                      U     256    2       12 vlan2   
::/0                                        ::                                      !n    -1     1      372 lo      

I’ve looked at the ip6tables, and it also appears identical, beyond the counters.

root@Netgear-R7000:~# ip6tables -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   12  2289 ACCEPT     all      *      *       ::/0                 ::/0                 state RELATED,ESTABLISHED
    5   376 ACCEPT     icmpv6    *      *       ::/0                 ::/0                
    0     0 ACCEPT     all      *      *       fe80::/64            ::/0                
    0     0 ACCEPT     all      br0    *       ::/0                 ::/0                
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                 state RELATED,ESTABLISHED
    0     0 ACCEPT     all      *      vlan2   ::/0                 ::/0                
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 128 limit: avg 2/sec burst 5
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                

Chain OUTPUT (policy ACCEPT 31 packets, 4287 bytes)
 pkts bytes target     prot opt in     out     source               destination         

I’d tried disabling Radvd on the IPv6 configuration gui and adding “enable-ra” to the Additional Dnsmasq Options, but that didn’t fix my problems. The current configuration has matching radv.conf files to the non working version.

root@Netgear-R7000:~# cat /tmp/radvd.conf
interface br0
{
 IgnoreIfMissing on;
 AdvSendAdvert on;
 MinRtrAdvInterval 3;
 MaxRtrAdvInterval 10;
 AdvHomeAgentFlag off;
 AdvManagedFlag off;
 AdvOtherConfigFlag on;
 AdvLinkMTU 1452;
 prefix 2604:4080:1304:8010::/64 
 {
  AdvOnLink on;
  AdvAutonomous on;
  AdvValidLifetime 30;
  AdvPreferredLifetime 20;
 };
 RDNSS 2607:f060:2::1 2607:f060:2:1::1{};
};

I spent a lot of time reading up on IPv6 and reminding myself of things I’d known in the past and forgotten. https://blog.dorianbolivar.com/2018/09/going-full-ipv6-with-dd-wrt.html?lr=1 is a well written post with links to more sources that I found especially helpful as it was written specifically using DD-WRT and IPv6. My only issue is that it was written nearly four years ago and may not have the same options in the DD-WRT gui as are currently available.

One of the items I added to the Additional Dnsmasq Options was a couple of host entries so that dnsmasq would resolve IPv6 addresses for my windows machines. It seems to speed up the IPv6 name discovery of my windows server while still pointing default DNS resolution at the router.

host-record entries

My conclusion is that I don’t understand what was different in the non-functioning setup I had with holdovers from the older version of DD-WRT, and going through the pain of re-installing from factory fresh configuration after each upgrade is worth the trouble. I’m still not satisfied with the best way of retrieving all of the configuration data into a text file that I can later run a difference test to see what’s changed, or needs to be changed.

DD-WRT upgrade?

I’ve been running DD-WRT on my Netgear r7000 router at home for quite a while. I have had it configured to update a dynamic dns entry using No-IP.com, and was thinking of trying out the dynamic dns details directly in google domains. The upgrade instructions for dd-wrt recommend flashing the configuration to factory settings after any upgrade, and then reconfiguring the unit. While I understand the reasoning, I find it extremely frustrating.

Here’s what the ssh login looked like before I upgraded:

DD-WRT v3.0-r39960M kongac (c) 2019 NewMedia-NET GmbH
Release: 06/08/19
Board: Netgear R7000


BusyBox v1.30.1 (2019-06-08 11:12:49 CEST) built-in shell (ash)

uptime
root@Netgear-R7000:~# uptime
 17:31:02 up 269 days,  3:42,  load average: 0.01, 0.03, 0.00

This is what the same login looked like after I upgraded.

DD-WRT v3.0-r48810 std (c) 2022 NewMedia-NET GmbH
Release: 05/06/22
Board: Netgear R7000
==========================================================
 
     ___  ___     _      _____  ______       ____  ___ 
    / _ \/ _ \___| | /| / / _ \/_  __/ _  __|_  / / _ \
   / // / // /___/ |/ |/ / , _/ / /   | |/ //_ <_/ // /
  /____/____/    |__/|__/_/|_| /_/    |___/____(_)___/ 
                                                     
                       DD-WRT v3.0
                   https://www.dd-wrt.com


==========================================================


BusyBox v1.35.0 (2022-05-06 03:36:35 +07) built-in shell (ash)

uptime
root@Netgear-R7000:~# uptime
 18:12:45 up 5 min,  load average: 0.31, 0.24, 0.11

I was hoping that the dynamic dns client section would list google domains as a protocol option, or even specifically as a service choice. While it does not, the interface has the ability to use custom settings.

No-IP DDNS setting

When I attempted to use the custom settings to directly update google domains, I was getting an error. I figured out that dd-wrt appears to be using https://github.com/troglobit/inadyn as it’s DDNS client code, but is using an old version. I’m not sure it is communicating the way google wants, and after spending 20 minutes fiddling with the settings, and getting an ugly looking error code full of html, I decided to let this sit for a while.

Sat May  7 18:40:55 2022: INADYN: Started 'INADYN Advanced version 1.96-ADV' - dynamic DNS updater.
Sat May  7 18:42:11 2022: W:'RC_DYNDNS_INVALID_RSP_FROM_IP_SERVER' (0x42) updating the IPs. (it 0)
Sat May  7 18:53:22 2022: I:INADYN: IP address for alias 'www.wimsworld.com' needs update to 'xxx.xxx.xxx.xxx'
Sat May  7 18:53:22 2022: W:INADYN: Response Code: 1
Sat May  7 18:53:22 2022: W:INADYN: Error validating DYNDNS svr answer. Check usr,pass,hostname! (HTTP/1.0 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1561
Date: Sun, 08 May 2022 01:53:22 GMT

<!DOCTYPE html>
<html lang=en>
  <meta charset=utf-8>
  <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  <title>Error 404 (Not Found)!!1</title>
  <style>
    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5Sat May  7 19:04:34 2022: W:INADYN: Response Code: 1

Retiring Google G Suite

I think it was in 2007 that I moved my email from a private server running smtp to Google Suite. I was got in with the free version at the time and have been able to keep using it without paying anything.

Google recently announced that they would be discontinuing the free plan for G Suite, and I had to decide whether to pay for an upgraded version or migrate to something else. I only have two users configured in my account for G Suite. Each G Suite account included 15GB of storage.

Several years ago when I was close to the 15GB limit. I decided to migrate to using my gmail.com account as my primary login and add storage to it instead of adding storage to my wimsworld.com account. I used an open source program called GMailBackup http://www.gmail-backup.com/download to backup all of my email including the labels from my G Suite account and import it to my GMail.com account. I then configured my wimsworld.com account to forward all the mail directly to my gmail.com account. That mostly worked well, though for some reason the G Suite account spam filter ran before forwarding mail to GMail.com. That meant I needed to periodically login to the G Suite account to check and make sure nothing important got stuffed in its spam folder.

G Suite Dashboard

Google initially declared that the free G Suite would be expiring in May, and have since extended the deadline to June, but I needed to get it dealt with before it became too time sensitive.

After looking at several alternatives, I came across the recent exit from beta for Google Domains. One of the features that Google Domains offers is email forwarding for the domain, which allowed me to forward the wimsworld.com email address to my gmail.com address directly. Since my gmail.com address was already configured to be able to send mail as my wimsworld.com address via the google smtp servers, the switch was almost transparent, and now all the spam catching is done in a single account.

I’d been hosting my DNS records for wimsworld.com on GoDaddy.com along with having periodic renewals of the domain name through them. Every year I’d go through the hassle of looking for discount codes and making sure I wasn’t upsold on more services that GoDaddy sells. Moving my domain to Google I was able to find an introductory code to reduce the price slightly while extending my domain by another year. The process cost me a total of $12 plus tax.

Google Domains

I’d downloaded my DNS records from GoDaddy before starting anything, to make sure I didn’t lose any data. Then I went to https://domains.google.com/ and initiated the transfer of the domain to google. I had browser windows open to both sites at the same time so I could accelerate the domain transfer by confirming what I was doing on both sites. The transfer moved the DNS records to google’s DNS servers and modified the SOA records, while keeping a few of my custom DNS records, including the MX records I had to deliver email to the G Suite mail servers.

Google Domains Email

Domains let me set up email forwarding, even though it won’t be active because of the existing MX records which knew that it was configured for G Suite. There was this big orange button to disable Google Workspace and enable forwarding. I was worried that it would actually disable to G Suite, so made sure I was logged in to the G Suite console and everything was prepared for cancellation before I hit the button. When I finally hit the button, it only modified the DNS records so to use the google domains email forwarding system and didn’t touch my G Suite status.

After configuring everything in domains, and seeing that it all appeared to work correctly with my gmail.com login, I still waited one more day before I cancelled my G Suite subscription.

Ready to cancel subscription
Reason I’m cancelling subscription
It took me several tries to get the correct admin email to complete cancelling my subscription
I no longer have a G Suite Legacy subscription!

The google domains email forwarding allows you to configure forwarding of specific email addresses to different accounts, and allows a significant number of rules to be set up. It also allows using wildcard forwarding to forward mail. On my wimsworld.com address, I’m using wildcard forwarding for all of the possible accounts to my gmail account. I’ve got other personal domains set up that needed email forwarding to multiple people, and have been able to set specific addresses be forwarded to specific recipients, and a wildcard to forward any other mail to me. I like the wildcard as a catch all for mail that I may have forgotten I was using.

Google Domains has a few other features that are interesting that may get a separate write up if I have time. Dynamic DNS Hosts and DNSSec are available without extra costs. I’m already using two different free dynamic DNS services but may investigate this as I believe it would work directly with my domain name instead of using a CNAME forwarding scheme.

Perils of Open Tabs

I have had several tabs open in my browser for an extended period of time, across multiple reboots of my computer, and connecting to several different networks.

Today I was traveling and happened to be using the WiFi in the Amex Centurion Lounge. Two of the background tabs in my browser reported privacy errors, and when I tried to go to them anyway, they were redirected to an ATT hotspot error page. What’s really frustrating is that now, I don’t know what one of the original URLS was.

Initial message when page didn’t load
Web Page Blocked

Both pages were hosted on opensource.com and I’m pretty sure were related to GIT, possibly with a group of handy commands to remember.

Raspberry Pi GPSD with Pepwave MAX Transit

I’ve been wanting to do some GPS data programming with the Raspberry Pi that’s on my boat. The Pi is connected to the NMEA 2000 network, and so should be able to retrieve GPS coordinates from either my chartplotter or my AIS unit when they are powered on, but it should also be able to get the GPS data from my Max Transit cellular gateway device.

It turns out that configuring gpsd to retrieve the data from the max transit was fairly easy. I edited the file /etc/default/gpsd to include the internal address and port of my router and restarted gpsd and now the Pi has the correct location.

/etc/default/gpsd

The devices section was initially empty. I added tcp://192.168.50.1:60660 between the pair of double quotes. After that, I was able to run gpsmon with no parameters and it connects to the local machine and reports the gps statistics.

gpsmon

I’d verified that I can read the device directly over the network with the command gpsmon 192.168.50.1:60660 but I wanted to be able to write my programs without needing to know where the gps was located.

gpsmon

Access Windows Share from Raspberry Pi (revisited)

Last year I described a simple method of automounting a directory from my windows server to my Raspberry Pi. Since then I’ve gone down a couple of paths to simplify rebuilding my Raspberry Pi machines.

The method I used last year required modifying the /etc/hosts file, the /etc/fstab file, pre-creating the mount points, and creating a credentials file to store the windows login credentials.

My new method doesn’t require modification of the /etc/hosts or /etc/fstab files, or pre-creating the mount points. Instead I’m relying on two features, Multicast DNS and systemd.automount unit files.

In the old method, to find the windows server, I added it to the local hosts file on the raspberry pi.

192.168.0.12 Acid

Using Multicast DNS, if I simply recognize that I can reach the server with the name Acid.WimsWorld.local the raspberry pi will find the server on the local network. My first step was to modify my /etc/fstab enty to use the local address and clean up my hosts file.

//acid.wimsworld.local/web /media/acid/web/ cifs credentials=/etc/wimsworld.smb.credentials,noauto,x-systemd.automount,x-systemd.idle-timeout=2min,_netdev 0 0

I’d never been happy with modifying the /etc/fstab file as part of my system configuration because in newer installations it is unique to each machine, specifying the boot partitions by their formatted serial number:

proc            /proc           proc    defaults          0       0
PARTUUID=142ff4e3-01  /boot           vfat    defaults          0       2
PARTUUID=142ff4e3-02  /               ext4    defaults,noatime  0       1
# a swapfile is not a swap partition, no line here
#   use  dphys-swapfile swap[on|off]  for that

In my recent programming projects I’ve been working with systemd unit files to control my service processes and have come to understand how they work for automounting directories as well. I like that each directory has its own unit files meaning that a modification is less likely to cause problems for the system as a whole.

The single line from the /etc/fstab file above is removed and replaced by two unit files, /etc/systemd/system/media-acid-web.mount and /etc/systemd/system/media-acid-web.automount.

[Unit]
Description=Acid Web

[Mount]
What=//acid.wimsworld.local/web
Where=/media/acid/web
Type=cifs
Options=credentials=/etc/wimsworld.smb.credentials,vers=2.1

[Install]
WantedBy=multi-user.target

and

[Unit]
Description=Automount Acid Web

[Automount]
Where=/media/acid/web
TimeoutIdleSec=120

[Install]
WantedBy=multi-user.target

I still had to create the credentials file for this to work, since I wanted the credentials file to be only root readable in a different location. /etc/wimsworld.smb.credentials

username=WindowsUsername
password=WindowsPassword
domain=OptionalDomainName

After the three files are created, systemd needs to reload its database with the systemctl daemon-reload command, the automount needs to be enabled with the systemctl enable media-acid-web.automount command, and then started with the systemctl start media-acid-web.automount command.

The naming of the mount files is important, and described explicitly in the man pages for each of mount and automount. In my case, /media/acid/web gets named media-acid-web.mount and media-acid-web.automount. I didn’t need to create mount points in the /media directory, as systemd automatically takes care of that.

I was able to create all of the above with a simple paste into my terminal with the following string:

sudo bash
cat > /etc/systemd/system/media-acid-web.mount <<EOF
[Unit]
Description=Acid Web

[Mount]
What=//acid.wimsworld.local/web
Where=/media/acid/web
Type=cifs
Options=credentials=/etc/wimsworld.smb.credentials,vers=2.1

[Install]
WantedBy=multi-user.target
EOF
cat > /etc/systemd/system/media-acid-web.automount <<EOF
[Unit]
Description=Automount Acid Web

[Automount]
Where=/media/acid/web
TimeoutIdleSec=120

[Install]
WantedBy=multi-user.target
EOF
cat > /etc/wimsworld.smb.credentials <<EOF
username=WindowsUsername
password=WindowsPassword
domain=OptionalDomainName
EOF
chmod 0600 /etc/wimsworld.smb.credentials
systemctl daemon-reload
systemctl enable media-acid-web.automount
systemctl start media-acid-web.automount
exit

With the standard Raspberry Pi setup, the cat command is not available as a sudo command while the bash shell is. I’m taking advantage of that by running the bash shell as root and then all of the other commands with root privileges.

tp-link Smart Plugs with Energy Monitoring

Several years ago I picked up a TP-Link HS110 switch so that I could turn lights on and off on a schedule. It had an interesting feature of being able to monitor energy usage as well.

The HS110 has an unfortunate design that covers the second socket in a wall outlet and makes it unusable. I purchased several HS105 units over time because two can be plugged into a standard outlet with the only drawback being the extra distance the normal plug extends from the wall. The HS105 was on sale as multipack on a somewhat regular basis. The drawback of the HS105 is that it doesn’t offer energy monitoring.

I came across the HS300 power strip that offers six switched outlets plus energy monitoring for each outlet. It has a flat angled plug, allowing two devices to fit in a standard wall outlet.

Each of these devices seems to be rated at 15A (1875W) total. That should be fine, since most of the standard wall plugs they would be plugged into aren’t rated for more than that, but it’s interesting that the current handling of the largest devices is the same as the smallest.

The energy monitoring was an interesting feature, and I was hoping to get around to doing more than glancing at it from my phone occasionally. Nearly three years after my first purchase I finally got around to writing a program to do what I wanted to log the energy usage.

I’d come across https://www.softscheck.com/en/reverse-engineering-tp-link-hs110/ when I first bought the HS110, and thought I would get around to doing what I wanted quickly, but as with so many projects, it was set aside as less important. With the transient nature of the web, I’m glad that this site is still visible, and the resulting github repository tools proved invaluable for me getting my project working. https://github.com/softScheck/tplink-smartplug

There are several python projects for communicating with these devices which I also found useful, but I was hoping to build a small program with very few dependencies. Part of what I wanted to know was the communication protocol over the ethernet, and that took the most time to decipher.

https://github.com/wcbonner/KasaEnergyLogger is my project, with all of the work done in a single threaded C++ file. I’ll hopefully describe what I know of the protocol in the future. As it is, I’m pulling data from multiple devices and logging it using MRTG. I know there are significantly better graphics dashboards available, but this requires very little infrastructure, and I’m logging the raw data in case I ever really want to revisit it.

MRTG graph of AC Power Usage

For most people these devices connect to Alexa or Google Home and the scheduling plus voice controls are all that they will ever use.

I was very happy with having lamps set to turn on at sunset and turn off at specific times. The fact that I live at a latitude where sunset changes from after 9pm in the peak of summer to before 5pm midwinter was plenty for me. I also use them for controlling fans to adjust the climate in my home when I’m not relying on air conditioning.

From a system monitoring perspective I’ve considered having two Raspberry Pi, each plugged into a HS105, monitoring each other and power cycling the other device if it can’t be reached for a designated period of time.

Here are some of the other sites I found useful in getting to my current state:

FlightAware and MRTG

Continuing to work on graphing data with MRTG, I finally figured out a valid script for graphing FlightAware messages from my PiAware. This is especially interesting to me because I have been playing around with different antennas and running on a couple of different Raspberry Pi platforms. On one of the platforms I’ve got two receivers, the primary one that listens on the 1090MHz frequency, and the secondary that listens on 978MHz. I’ve been especially interested in knowing how many reports come in on the secondary frequency.

Using the in and out property of MRTG graphs, I’ve got the In (green) representing 978 messages and the Out (blue) representing 1090 messages.

I added the following section to my /etc/snmp/snmpd.conf file:

pass .1.3.6.1.2.1.25.1.9 /bin/sh /usr/local/bin/snmp-dump1090
pass .1.3.6.1.2.1.25.1.10 /bin/sh /usr/local/bin/snmp-dump978
view systemonly included .1.3.6.1.2.1.25

I created two files in the /usr/local/bin directory that snmp references. /usr/local/bin/snmp-dump1090:

#!/bin/bash
if [ "$1" = "-g" ]; then
        echo .1.3.6.1.2.1.25.1.9
        echo gauge
        /bin/grep "dump1090-fa.*5m).*FlightAware" /var/log/piaware.log | /usr/bin/tail -n 1 | /usr/bin/cut -f2 -d"(" | /usr/bin/cut -f1 -d" "
fi

and /usr/local/bin/snmp-dump978:

#!/bin/bash
if [ "$1" = "-g" ]; then
        echo .1.3.6.1.2.1.25.1.10
        echo gauge
        /bin/grep "dump978-fa.*5m).*FlightAware" /var/log/piaware.log | /usr/bin/tail -n1 | cut -f2 -d"(" | /usr/bin/cut -f1 -d" "
fi

I added the following section to my /etc/mrtg.conf file:

######################################################################
#       FlightAware messages
######################################################################
Options[_]: gauge, nopercent, transparent, pngdate
Factor[_]:
MaxBytes[_]: 12500000
YLegend[_]: Messages
ShortLegend[_]: Messages
LegendO[_]: dump1090 messages
LegendI[_]: dump978 messages

# Target[WimPi4_piaware]: `/home/wim/MRTG-PiAware.sh`
Target[WimPi4_piaware]: .1.3.6.1.2.1.25.1.10&.1.3.6.1.2.1.25.1.9:public@WimPi4
Title[WimPi4_piaware]: Pi4 FlightAware messages
PNGTitle[WimPi4_piaware]: Pi4 FlightAware Messages
PageTop[WimPi4_piaware]: Pi4 FlightAware messages

Target[WimPiZeroCamera_dump1090]: .1.3.6.1.2.1.25.1.9&.1.3.6.1.2.1.25.1.9:public@WimPiZeroCamera
Options[WimPiZeroCamera_dump1090]: gauge, nopercent, transparent, pngdate, noi
Title[WimPiZeroCamera_dump1090]: PiZero FlightAware messages
PNGTitle[WimPiZeroCamera_dump1090]: PiZero FlightAware Messages
PageTop[WimPiZeroCamera_dump1090]: PiZero FlightAware messages

I was testing that snmp was responding with data using the snmpget commands, but I was getting zeros back. I could run the scripts directly while I was logged in with my regular account and they were producing results so I was scratching my head.

pi@WimPi4:~ $ snmpget -v 2c -c public wimpi4 .1.3.6.1.2.1.25.1.9
iso.3.6.1.2.1.25.1.9 = Gauge32: 130
pi@WimPi4:~ $ snmpget -v 2c -c public wimpi4 .1.3.6.1.2.1.25.1.10
iso.3.6.1.2.1.25.1.10 = Gauge32: 0

The extra complication that added about six hours to my figuring things out was that the /var/log/piaware.log log files were not all readable, only owner and group. The snmp daemon was not running as a member of any group that had access to that file. I verified the problem with the command:

sudo -u Debian-snmp cat /var/log/piaware.log

I fixed the problem with the quick hack of:

sudo chmod a+r /var/log/pi*

 

IKEA SYMFONISK Speakers

I recently purchased a set of IKEA SYMFONISK speakers for use in my studio apartment. They are relatively inexpensive at $99.99 each. IKEA also sells a wall mount bracket for another $19.99 each. The speakers are available in two colors, black and white. I’ve got a pair of black speakers in the living room, configured as a stereo pair, and a single white speaker mounted using a wall mount in the bathroom.

Each speaker comes with a color matching nylon braid wrapped power cord and a three foot ethernet cord.

I used a pair of On-Command strips in the living room to stick the speakers to the underside of the cabinets. Using two strips are supposedly rated at 8lbs, but that would be in normal picture orientation. I held the speakers in place for the first half hour with a set of furniture clamps to make sure the adhesive had time to set. The edges of the Symfonisk speakers are flat. the back is slightly recessed. I purchased the wall mount kit for the speaker in the bathroom, and used another pair of on-command strips to hang that speaker.

 

Configuration of the speakers is done entirely with the standard SONOS app.

I ran into a small problem trying to get the first speaker working, but was able to get the rest working easily once I’d understood the issue. These speakers only seem to work with 2.4GHz networking. My network was configured with both 2.4GHz and 5GHz with separate SSIDs. My phone was configured to autojoin the 5GHz network and not the 2.4GHz network. To properly configure the speakers to work on my network I had to make sure my phone was connected to the SSID for the 2.4GHz network and would ignore the 5GHz network.

I can now play music that fills my entire apartment, streaming to both the bathroom and the living room.

Retrieve Wi-Fi Password in Windows 10

Sometimes I go to a place I’ve been before and my computer remembers the WiFi password while my brain does not. The following Windows PowerShell commands will display most of the remembered passwords.

netsh wlan show profiles

netsh wlan show profiles name=’ProfileToDisplay’ key=clear

The first command displays all of the networks your computer has remembered. It can be rather long if you’ve had your computer for several years and done a reasonable amount of traveling and using WiFi in strange locations.

2019-11-27 (1)

The second command takes the profile name that you retrieved with the first command and displays details of the selected profile. The password is displayed as the Key Content section of the Security settings.

2019-11-27 (2)