Wednesday, February 1, 2017

Setting up Linux Router with PPPoE for CenturyLink DSL

There were two big gotchas, for me at least:
  1. Ethernet packets must be in VLAN 201.
  2. (a) Getting the right MTU and (b) clamping MSS to MTU.
Basically you just install and run ppoeconf, and it does everything for you:
  1. configures /etc/ppp/peers/dsl-provider
  2. modifies /etc/network/interfaces
  3. starts up pppd
But then there are the gotchas.

Gotcha #1:

If the ethernet packets aren't tagged with VLAN 201, then your router can send out a PADI packet, but will never get back a PADO response from the DSL access concentrator.

My fix for the VLAN was easy.  The DSL modem I got already had a setting to make it tag ethernet packets with VLAN 201, but I didn't know that was required when I started, so I had to find this out the hard way.  If your modem can't do this for you, I know there is a way to set up a virtual interface named eth0.201 for example, but I've personally never done it.

Gotcha #2a:

pppoeconf pretty much takes care of this for you, setting the MTU to 1492 by default, which really should work, but after some ping testing and whatnot, I determined that for me I needed to set it to 1484.

So this is what my /etc/ppp/peers/dsl-provider looks like (with all comments removed):

noipdefault
defaultroute

hide-password
lcp-echo-interval 20
lcp-echo-failure 3
connect /bin/true
noauth
persist
mtu 1484

noaccomp
default-asyncmap
plugin rp-pppoe.so eth1
user "myppoeuser@qwest.net"


Gotcha #2b:

pppoeconf actually handles this for you as well, by creating a file in /etc/ppp/ip-up.d named 0clampmss with this firewall rule:

iptables -t mangle -o "$PPP_IFACE" --insert FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:65495 -j TCPMSS --clamp-mss-to-pmtu

Without this, some websites might work and others might not.  Some might load partway, etc.  That's what was happening to me, and I finally realized the problem was this rule had gone missing.  It was because I have my own firewall script that I had run, which flushes all the chains and adds just the rules I want.  So I needed to add a rule for this to my firewall script.

Thursday, May 21, 2015

Animated Emoji in Gmail subject line - the 90s are back!

A few weeks ago I noticed several emails in my spam folder in gmail had animated icons in the subject line, such as blinking stars.

I couldn't believe my eyes.  I didn't even know about colored emoji characters, let alone animated emoji!  And how could it get into a subject line?

Terence Eden explains it pretty well in a blog post here.  I like how he focuses on the fact that spammers can and will use this to catch people's attention.  Way to go Google.  Thanks a lot!

Google has defined some special Unicode characters that they will automatically turn into embedded images in the subject line.  What's next Google?  The marquee blink?  The 90s are calling and they want their geocities back!

At least with normal characters, even colored emoji Unicode characters, I can control how they look.  E.g., if I don't want color, I can uninstall the "Segoe UI Emoji" font.  But when Google turns characters into embedded images, they control how it looks.

The best I could do was install the Toggle animated GIFs Firefox extension.

Please Google, get rid of this nonsense!  Don't make me go back to using mutt all the time!

Monday, January 20, 2014

df showing ugly uuid for root device

I found that after upgrading debian to wheezy the df command was showing a long name for the root device instead of the real normal short name like /dev/sda1.

/dev/disk/by-uuid/4661950b-0d92-4a1d-9919-2b71eaa14189

I found this link very helpful in explaining the problem and giving a workaround.

Sunday, September 9, 2012

Building a single kernel module on Debian.

I was trying to build snd-seq-oss.ko so I could run the old playmidi that requires OSS /dev/sequencer, but when I did the insmod I got a -1 "Invalid module format" and dmesg showed "snd_seq_oss: no symbol version for module_layout".

I found out the problem was that since I am building just the module not the kernel, I need the Module.symvers from the distro's kernel.  So the solution in this case was to install linux-headers-2.6.32-5-686 and copy the Module.symvers from there.

There's probably other ways to do it but that is what worked for me.  See steps below for future reference.

sudo -i
apt-get install linux-headers-2.6.32-5-686 linux-source-2.6.32
cd /usr/src
tar -jvxf linux-source-2.6.32.tar.bz2
ln -s linux-source-2.6.32 linux
cd linux
cp ../linux-headers-2.6.32-5-686/Module.symvers .
cp /boot/config-2.6.32-5-686 .config
   (modify .config as desired)
make oldconfig
make prepare
make modules_prepare
make SUBDIRS=scripts/mod
make SUBDIRS=path/to/module modules

Monday, March 14, 2011

Use right alt as Windows key in Debian Squeeze

My Thinkpad has no Windows key, so I was using a startup file with xmodmap commands to map my right alt to the Windows key (Super_L).

That worked great until I updated Debian to Squeeze. Then it would only work if I ran it manually after Gnome came up. I tried several startup scripts with different names including .gnomerc, but my settings just wouldn't stick.

So I decided it must be getting overridden by a later step, probably a step where it checks gnome-keyboard-properties settings and calls setxkbmap, so that resets anything you tried to do in a start-up script.

There is an option in gnome-keyboard-properties for "Left Alt is swapped with Left Win". That causes it to run setxkbmap -option altwin:swap_lalt_lwin I believe. That would work perfectly for me, except I want to map the right alt, not the left alt.

So finally, here is what I came up with (probably not the right solution, but it works). I edited all the files in /usr/share/X11/xkb/rules/ with swap_lalt_lwin in them and added a similar line/section called swap_ralt_lwin. Similarly I edited /usr/share/X11/xkb/symbols/altwin and added a section at the bottom for swap_ralt_lwin that works similar to the swap_lalt_lwin section.

Wednesday, February 9, 2011

Debian Lenny to Squeeze on Thinkpad T42

The good:
  • Faster bootup.
  • Very fast switching between X and a VT.
  • Firefox 3.5 is much faster than 3.0.
  • Most Thinkpad extra keys now work great out of the box.
  • Cool desktop backgrounds.
The bad:
  • X11 looked funny. Turns out no themes were installed. Had to install gnome-themes.
  • Got a bunch of warnings from udev on bootup, coming from z60_xserver-xorg-input-wacom.rules, so I purged xserver-xorg-input-wacom.
  • The ACPI hotkey events changed names, so some hooks I had set up in /etc/acpi/events stopped working until I updated the names.
  • EmulateWheel setting in xorg.conf no longer works. xinput works. I installed gpointing-device-settings, which is a very convenient solution.
  • Alt_R keycode is now 108 instead of 113.
The ugly:
  • X wouldn't start. Turns out it was because gdm wasn't installed. Why did gdm get removed during upgrade? Maybe it wanted to replace it with gdm3? But it didn't install gdm3.

Tuesday, January 4, 2011

Samba - How to ignore trusted domains completely

For reasons similar to those mentioned here by Dmitry Butskoy, I needed to make winbind exclude trusted domains. But like he said, "allow trusted domains = no" doesn't seem to affect winbind in this context.

So I built winbindd from source, commenting out the call to rescan_trusted_domains() as Dmitry mentioned here, and it works exactly how I want now!

Looking at the latest version of Samba, 3.5.6, it appears to still not apply that setting in this context. I think rescan_trusted_domains() ought to check lp_allow_trusted_domains() and return if it is false.

If anyone on the Samba team is reading this, I hope you will consider making that change. Hmm, maybe I should submit a patch...