Go to advanced search

by lucdig
Sat Oct 02, 2021 6:33 pm
Forum: Networking and servers
Topic: Force IP "Don't Fragment" option with iptables
Replies: 2
Views: 289

Re: Force IP "Don't Fragment" option with iptables

That isn't going to work. You need to use set-mss to clamp the MSS to what your Wireguard link is capable of. Hey thanks a lot @trejan. I see in Wireshark that the MSS of the SYN packet is 1460. mtu_eth0 - mtu_wg0 = 1500 - 1420 = 80, so I set the MSS to 1460 - 80 = 1380, with: iptables -t nat -A PR...
by lucdig
Sat Oct 02, 2021 4:34 pm
Forum: Networking and servers
Topic: Force IP "Don't Fragment" option with iptables
Replies: 2
Views: 289

Force IP "Don't Fragment" option with iptables

Hi, I'm testing some routing policies, using a Raspberry with Raspberry OS as router. I need to route some traffic to a VPN. The MTU of my eth0 interface is 1500, and the MTU of my VPN is 1420 (Wireguard). I see that some Apps fail sometimes, the only thing that I've seen with tcpdump/wireshark is t...
by lucdig
Sat Oct 02, 2021 4:18 pm
Forum: Raspberry Pi OS
Topic: DF Robot IoT Router with CM4 - r8168 driver for the RTL8111 PCI ETH1 ethernet interface
Replies: 5
Views: 845

Re: DF Robot IoT Router with CM4 - r8168 driver for the RTL8111 PCI ETH1 ethernet interface

Thanks all, I'm testing Raspbian for routing purposes and the 64bit kernel seems to be stable (iptables, ip rule, ...)

Recompiling the driver is simpler than recompiling the entire kernel, so I think that I'll go on with the 64bit version of the kernel
by lucdig
Wed Sep 01, 2021 5:32 am
Forum: Raspberry Pi OS
Topic: DF Robot IoT Router with CM4 - r8168 driver for the RTL8111 PCI ETH1 ethernet interface
Replies: 5
Views: 845

DF Robot IoT Router with CM4 - r8168 driver for the RTL8111 PCI ETH1 ethernet interface

Recently I bought a DF Robot IoT Router https://www.dfrobot.com/product-2242.html and a Compute Module 4. Raspbian OS 32bit doesn't have the r8168 driver for the RTL8111, that is the controller of the PCI ETH1 ethernet interface. To get the PCI ETH1 interface up and running, the 64bit kernel must be...
by lucdig
Sun Jun 13, 2021 6:17 am
Forum: Media centres
Topic: Kodi mobile app iOS?
Replies: 1
Views: 814

Kodi mobile app iOS?

Hi, I would like to watch my old DVDs remotely on iPAD or iPhone. I am thinking about installing Kodi on a Raspberry Pi at home, buy a DVD-USB reader, and then connect to Kodi from a mobile app (iOS), to watch my old DVDs on the iPAD or iPhone. Does the mobile app exist? Can Kodi be configured to st...
by lucdig
Sun May 02, 2021 7:58 pm
Forum: Troubleshooting
Topic: [Bullseye/Buster/Stretch] Using LIRC on gpio-ir with kernel 4.19 or later
Replies: 78
Views: 69246

Re: [Stretch/Buster] Using LIRC with kernel 4.19.X and gpio-ir

One thing i found useful when i was trying to find out what was wrong with a sender circuit was to wire a visible LED in parallel. Turned out to be a flakey gpio pin in my case, just swapped to a different pin and it worked. The transceiver is a hat and I can't swap to a different gpio pin. I'm goi...
by lucdig
Sun May 02, 2021 6:53 am
Forum: Troubleshooting
Topic: [Bullseye/Buster/Stretch] Using LIRC on gpio-ir with kernel 4.19 or later
Replies: 78
Views: 69246

Re: Using LIRC with kernel 4.19.X and gpio-ir

After banging my head for hours and wondering why the IR blaster stopped working I finally found this post. My pin out is a little different. In case anyone else stumbles onto this post. This is the IR blaster I'm using: https://www.banggood.com/IR-Infrared-Receiver-and-Transmitter-Expansion-Board-...
by lucdig
Fri Apr 30, 2021 3:36 pm
Forum: AIY Projects
Topic: ir-ctl bug?
Replies: 1
Views: 733

ir-ctl bug?

Hello, I've a IR transceiver connected to the gpio of my raspberry pi. With ir-ctl -r file.name -d /dev/lirc1 I can see this in the file.name: pulse 887 space 982 pulse 617 space 1274 pulse 264 space 674 pulse 258 space 990 pulse 294 space 963 pulse 283 space 964 pulse 252 space 997 pulse 254 space ...
by lucdig
Sat Oct 24, 2020 4:34 pm
Forum: Networking and servers
Topic: Openresty for raspbian?
Replies: 0
Views: 420

Openresty for raspbian?

Hi, I've successfully installed openresty on a Debian 10 virtual machine: https://www.installing.in/how-to-install-openresty-on-debian-10/ and I would like to install it on Raspbian. I'm running the last version of Raspbian. #uname -a : Linux raspberrypi 5.4.51-v7l+ #1333 SMP Mon Aug 10 16:51:40 BST...
by lucdig
Tue Dec 24, 2019 6:35 pm
Forum: Networking and servers
Topic: [SOLVED] Strongswan multiple ikev2 clients not working
Replies: 3
Views: 2221

Re: [SOLVED] Strongswan multiple ikev2 clients not working

If you're having a look at strongSwan, you might want to check out https://github.com/gitbls/pistrong , which makes it super-easy to install and manage strongSwan using Certs rather than passwords. It simplifies a LOT, and eliminates the need to edit config files. And yes, strongSwan is quite fast....
by lucdig
Tue Dec 24, 2019 9:36 am
Forum: Networking and servers
Topic: [SOLVED] Strongswan multiple ikev2 clients not working
Replies: 3
Views: 2221

Re: [SOLVED] Strongswan multiple ikev2 clients not working

Hi, for those who are interested, I achieved to have two VPN clients working simultaneously. For each client configured in /etc/ipsec.secrets : : PSK "your_psk" username1 : EAP "pwd1" username2 : EAP "pwd2" in /etc/ipsec.conf I have configured a different connection, wi...
by lucdig
Mon Dec 23, 2019 6:15 pm
Forum: Networking and servers
Topic: [SOLVED] Strongswan multiple ikev2 clients not working
Replies: 3
Views: 2221

[SOLVED] Strongswan multiple ikev2 clients not working

Hi, I decided to test strongswan ikev2 vpn in my raspberry, I've read that it's faster than OpenVPN. I followed this tutorial: https://nerd.one/how-to-setup-strongswan-vpn-with-ikev2-on-raspberry-pi/ and it works with one client. When I add a second client to the ipsec.secrets, and changed according...
by lucdig
Sun Dec 22, 2019 8:07 am
Forum: Networking and servers
Topic: DMZ host - blocking external IPs doing port scanning
Replies: 9
Views: 1567

Re: DMZ host - blocking external IPs doing port scanning

Thanks, I'm going to study and try fail2ban
by lucdig
Sat Dec 21, 2019 3:13 pm
Forum: Networking and servers
Topic: DMZ host - blocking external IPs doing port scanning
Replies: 9
Views: 1567

Re: DMZ host - blocking external IPs doing port scanning

Well, I don't think that bad guys are "only" scripts, absolutely. I can't have stations everywhere for "weather forecasting", anyway, big organizations have more resources than me, and, hopefully, they`ll plan to do something about this. An home-made IDS could be more difficult t...
by lucdig
Sat Dec 21, 2019 8:43 am
Forum: Networking and servers
Topic: DMZ host - blocking external IPs doing port scanning
Replies: 9
Views: 1567

Re: DMZ host - blocking external IPs doing port scanning

Easier than coding raw nftables (aka iptables) is to install the uncomplicated firewall (ufw) and possibly the GUI for it (gufw). That will build the nftable rules you need. Default is block nothing. It's trivial to block everything except ssh (and http/https) so that it's only accessible from your...
by lucdig
Sat Dec 21, 2019 8:34 am
Forum: Networking and servers
Topic: DMZ host - blocking external IPs doing port scanning
Replies: 9
Views: 1567

Re: DMZ host - blocking external IPs doing port scanning

One way would be to use iptables, although there may be some shortcomings relative to your goals: a) Not sure you can log from iptables to a random file of your choosing, and b) You need to hardcode in your iptables rules the ports that you want to log. You CAN use --dport lowport:highport to minim...
by lucdig
Fri Dec 20, 2019 9:13 pm
Forum: Networking and servers
Topic: DMZ host - blocking external IPs doing port scanning
Replies: 9
Views: 1567

DMZ host - blocking external IPs doing port scanning

I've configured my raspberry as DMZ host in the home router, and I see with a tcpdump a lot of external hosts doing port scanning. I would like to log the external IP addresses that scan ports that are not opened in the raspberry. I know that IDSs exist, like snort, anyway, I would like to use somet...
by lucdig
Mon Dec 16, 2019 10:32 am
Forum: Media centres
Topic: mpeg ts multicast stream - reduce bitrate
Replies: 0
Views: 491

mpeg ts multicast stream - reduce bitrate

Hi, I need your help for the following. I have a multicast stream with an mpeg ts coded audio+video, with a ~8Mbit/s bitrate. I need to lower the bitrate to ~ 4Mbit/s. I tried with cvlc, option :sout-transcode-vb=4000, but the output stream seems to be again at ~8Mbit/s. Any idea? is ffmpeg better t...
by lucdig
Sun Nov 17, 2019 1:35 pm
Forum: Media centres
Topic: rtl2838: unknown tuner NONE
Replies: 3
Views: 1111

Re: rtl2838: unknown tuner NONE

Hi, it's the Raspberry Pi 0 first model, powered with 2A. Soon I'll post the output of the lsusb -v command.

Regards, thanks
by lucdig
Sat Nov 16, 2019 1:06 pm
Forum: Media centres
Topic: rtl2838: unknown tuner NONE
Replies: 3
Views: 1111

rtl2838: unknown tuner NONE

Hi, I bought an RTL2838 device, it doesn't work in my raspberry. # uname -a Linux raspberrypi 4.19.75+ #1270 Tue Sep 24 18:38:54 BST 2019 armv6l GNU/Linux dmesg tells me: unknown tuner NONE: # dmesg | grep -i dvb [ 16.961291] usb 1-1.3: dvb_usb_v2: found a 'Realtek RTL2832U reference design' in warm...
by lucdig
Wed Nov 06, 2019 12:14 pm
Forum: Media centres
Topic: DVBSky S960 V2 USB , dvblast and tsduck tsp
Replies: 0
Views: 2113

DVBSky S960 V2 USB , dvblast and tsduck tsp

Hi, I have problems with the DVBSky S960 V2 USB when I try to use it with dvblast . I tried dvblast with a Pctv 461e , with no issues. I installed in /lib/firmware the drivers found here: http://www.dvbsky.net/download/linux/firmware.zip # dmesg | grep dvb [ 17.453675] usb 1-1.3: dvb_usb_v2: found a...
by lucdig
Sun Oct 27, 2019 11:07 am
Forum: Networking and servers
Topic: Multicast traffic blocked between LANs?
Replies: 2
Views: 2048

Re: Multicast traffic blocked between LANs?

Hi, for those who are interested in this topic: Raspbian, by default, comes without multicast routing capabilities. When a device sends multicast traffic through LAN1 ( eth1 in the Raspberry Pi), it sets a destination multicast MAC address Address: IPv4mcast_15 (01:00:5e:00:00:15) - capture with Wir...
by lucdig
Fri Oct 18, 2019 11:31 am
Forum: Networking and servers
Topic: Multicast traffic blocked between LANs?
Replies: 2
Views: 2048

Re: Multicast traffic blocked between LANs?

Thanks, I’ll test it, and with

Code: Select all

... dev lo
as well.
by lucdig
Fri Oct 18, 2019 9:48 am
Forum: Networking and servers
Topic: Multicast traffic blocked between LANs?
Replies: 2
Views: 2048

Multicast traffic blocked between LANs?

Hi, I'm going to buy a Raspberry and connect it to my Home LAN 192.168.1.0/24. I'll buy an Ethernet USB adapter as well for the Raspberry https://thepihut.com/products/adafruit-ethernet-hub-and-usb-hub-w-micro-usb-otg-connector . I'll connect a device that generates multicast traffic (Destination 23...
by lucdig
Fri Oct 18, 2019 9:27 am
Forum: Media centres
Topic: Raspberry Pi as HDMI wireless transmitter/receiver?
Replies: 15
Views: 13404

Re: Raspberry Pi as HDMI wireless transmitter/receiver?

I surfed the web and I found this device (the sender): LKV373A V3.0 HDMI Extender HD 1080P Over Lan RJ45 Cat5/6 It's about $30 in eBay, cheaper than HDMI USB 3.0 capture devices, and connection to the LAN. I've ordered one, I'll have it hopefully in 1 month, it's from China. Well documented work has...

Go to advanced search