Category Archives: linux

Configurando un dispositivo bluetooth en Fedora

Comprobamos que el modulo de bluetooth está activo.


$ lsmod | grep btusb
btusb 32376 0
bluetooth 486188 6 bnep,btusb

Instalamos el software correspondiente. He visto que deberían estar instalados estos paquetes: bluez, gnome-bluetooth-libs, bluez-hcidump, bluez-hid2hci, pulseaudio-module-bluetooth.

Usamos la aplicación bluetooth-wizard para realizar la configuración de los dispositivos bluetooth.

Vamos si está activo o no bluetooth por linea de comandos:

$ rfkill list
0: Toshiba Bluetooth: Bluetooth
Soft blocked: yes
Hard blocked: no
1: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no

¡Bingo! “Soft blocked” de Bluetooth está bloquado. Procedemos a desbloquearlo usando rfkill (Herramienta que hace justo eso, habilitar y deshabilitar dispositivos)

rfkill unblock 0

$ rfkill list
0: Toshiba Bluetooth: Bluetooth
Soft blocked: no
Hard blocked: no
1: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
6: hci0: Bluetooth
Soft blocked: yes
Hard blocked: no


ana@localhost~
$ rfkill unblock 6

Y ahora ya sí que podemos proceder a la configuración de mi altavoz bluetooth.

Nota: He tenido que desmarcar la opción de gestión de pin a la hora de vincular el dispositivo.

Bounding devide

I need a bounding device to test the devgroup support in nft.

Update: I only need add my wlan0 device into a group. It did it with ip link.

1
ip link set group 100 dev eth0
1
2
3
$ sudo ip link list group 23
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT qlen 1000
    link/ether e0:06:e6:c6:dc:89 brd ff:ff:ff:ff:ff:ff

It’s necessary this software:

ifenslave-2.6 package to enable bonding

Interface Configuration Files:
/etc/network/interfaces file contains network interface configuration information.
We use this interface configuration file from this link https://gist.github.com/mrvdb/3099065

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Regardless of how our topology looks, we'll need the local interface
auto lo
iface lo inet loopback 
 
# Configuration basics taken from:
#   http://www.kernel.org/doc/Documentation/networking/bonding.txt
# Define the bonding master, which is ideally our only interface to the outside world
# - define slaves as none initially, this helps with booting faster
# - the primary line makes most sense here, but is not enough
# - set the interface check interval to 100ms
# - we activate 1 interface at a time for now, if one fails, the other takes over
auto bond0
iface bond0 inet dhcp
      bond-slaves none
      bond-mode active-backup
      bond-primary eth0
      bond-miimon 100
 
# Slave: wired ethernet connection port, typically our office connection
# - critical that the type is set to 'manual'
# - typically wired is the fasted connection, so make this the primary
# - the primary line seems redundant but is needed here
auto eth0
iface eth0 inet manual
       bond-master bond0
       bond-primary eth0
 
# Slave: the wireless connection interface
# - critical that the type is set to 'manual'
# - interface roams under control of wpa_supplicant
# - the primary line seems redundant but is needed here
# -  
# - tell the interface that packets come in over bond0 instead of wlan0
# - the wpa conf file contains network definitions and other settings.
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
      bond-master bond0
      bond-give-a-chance 10
      bond-primary eth0
      wpa-bridge bond0
      wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

The following is a sample file for wpa supplicant
/etc/wpa_supplicant/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant                                          

network={
ssid="WLAN_0A0D"
scan_ssid=1
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk=2493528ad18638786cc80dad9bd3b440b251cf101698bc76c70ac7db032eed95
}

Interruptions of process

cat /proc/interrupts

CPU0 CPU1 CPU2 CPU3
0: 16 0 0 0 IO-APIC-edge timer
1: 12408 26389 1090 1189 IO-APIC-edge i8042
8: 0 1 0 0 IO-APIC-edge rtc0
9: 6035 4392 738 599 IO-APIC-fasteoi acpi
12: 17385 82984 4436 4409 IO-APIC-edge i8042
16: 4 11 1 0 IO-APIC-fasteoi ehci_hcd:usb3, mmc0
17: 148716 88599 13393 11648 IO-APIC-fasteoi rtl_pci
18: 0 0 0 0 IO-APIC-fasteoi i801_smbus
23: 4 11 1 0 IO-APIC-fasteoi ehci_hcd:usb4
40: 44920 42618 7549 8664 PCI-MSI-edge xhci_hcd
42: 47344 60559 10887 19568 PCI-MSI-edge ahci
43: 112746 1049499 51672 47390 PCI-MSI-edge i915
44: 462 399 83 237 PCI-MSI-edge
45: 1 0 0 0 PCI-MSI-edge
46: 240 3866 169 172 PCI-MSI-edge
47: 245 543 0 0 PCI-MSI-edge snd_hda_intel
49: 1 0 0 0 PCI-MSI-edge
50: 2505 47 0 0 PCI-MSI-edge eth0
NMI: 34 51 54 44 Non-maskable interrupts
LOC: 852531 447119 983786 548548 Local timer interrupts
SPU: 0 0 0 0 Spurious interrupts
PMI: 34 51 54 44 Performance monitoring interrupts
IWI: 1 0 0 0 IRQ work interrupts
RTR: 4 2 0 0 APIC ICR read retries
RES: 81435 60433 162180 136290 Rescheduling interrupts
CAL: 1139 1031 1308 1365 Function call interrupts
TLB: 37253 17301 22612 18712 TLB shootdowns
TRM: 0 0 0 0 Thermal event interrupts
THR: 0 0 0 0 Threshold APIC interrupts
MCE: 0 0 0 0 Machine check exceptions
MCP: 50 50 50 50 Machine check polls
ERR: 0

Iptables: Mostar el numero de paquetes que coinciden con una regla

iptables -t filter -L -v

(master) $ sudo iptables -t filter -L -v
Chain INPUT (policy ACCEPT 441 packets, 146K bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere PKTTYPE = broadcast

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 468 packets, 160K bytes)
pkts bytes target prot opt in out source destination

Amazing days in the 2014 Netfilter Workshop

It finished the 2014 Netfilter Workshop. It was amazing and very interesting for me. I’d been in Lyon before this was my first visit to Montpellier in France. This meeting was co-hosted by 15èmes Rencontres Mondiales du Logiciel Libre, the biggest event of free software in France with more than 300 conferences and workshops.

I arrived on Sunday 6th of July, one day before the workshop, and I visited some stands of Open source projects in the “Esplanade Charles-de-Gaulle” of the 15èmes Rencontres Mondiales du Logiciel Libre. There was a conference of Richard Stallman about the history of Free Software.

On monday, It was the Netfilter’s User day. There were a set of talks about DDoS protection using Netfilter/iptables, nft-sync, Nftables and IPS, Netfilter logging at the nftables age, Suricata IDS/IPS, Zorp and kzorp and Vuurmuur. In my opinion, the most important and interesting talk that day was “nftables: a new packet classification framework for Linux” by Pablo Neira, the maintainer of Netfilter project. Nftables is the new packet classification framework that intends to replace the existing {ip,ip6,arp,eb}_tables infrastructure. It’s the future. 🙂

Tuesday and Wednesday were the first days of the Netfilter’s developers days. They passed with interesting talks, an important debates and decision making about the Netfilter project, their projects and related technologies. Those days, we spoke about netfilter updates with a short summary on the Netfilter kernel changes since the last workshop, achievement unlocked, OVS MPLS, nftables quick hacking HOWTO, the switch-o-pocalypse, NIC’s and external switches, the challenge of 10Gbit/s wirespeed and the lessons learned from DPDK, qdisc updates and lockless FIFO, Open vSwitch with conntrack and Use of nftables from OVS. Moreover, there were time to speak about nftables project: “Nftables kernel” and “Nft from userspace” by Patrick McHardy and Pablo Neira, two of the most relevant developers of nftables project. At that time, They spoke and was a debate about what is done, what needs to be fixed/done and future things coming in nftables (in kernel space) and nft (user-space)

In the OPW, I’m working with nft, libnftln and nftables in the kernel space, so, It was the most interesting moment. I heard a very good explanation about these projects.

On Thursday, It was more talk and debates about ipset and ulogd2. Morever, It was the time for the students of Google Summer of Code and me. Arturo Borrero speak about his project nft-sync, a new userspace tool to distribute a nftables ruleset across the network. Alvaro Neira spoke about XML/JSON support for libnftnl and Giussepe Longo spoke about the compatibility layer in nft. Their talks were very good and very interesting. They were about their work around “Google Summer Of Code” period.

I spoke about one of my tasks during the OPW period: “nftables automated tests” I spoke about the motivation to do it, what is checking, options are available to run this test, the structure of the test file and the test folders. Also, I spoke about the future of the testing in nft and the next tasks to do. I was very nervous: It was my first talk in the Netfilter Workshop and in English language. It was an important challenge to me, I did it the best I could. 🙂

During these days, I talked with the developers and they gave me feedback on the importance of the test system and the expectation of the creation of this task. It hasn’t been any test system in nft tools yet.

They were amazing days. I learned a lot about development, network, linux, the kernel, hardware… and it was a landmark in Netfilter Workshop history: It was the first time that a girl are invited to this meeting and also she gave a talk.

Thanks to The Outreach Program for Women. They sponsored me the travel and the hotel during these days. Without their help, I wouldn’t have been to do it.

Here’s the group picture of the 10th Netfilter workshop which is held from July 7th to July 11th in Montpellier, France. By Eric Leblond
Netfilter workshop group picture 2014

nftables 0.3 and libnftnl 1.0.2 releases

Today, Netfilter project presents nftables 0.3 and libnftnl 1.0.2. It’s good news! Because these announces come with a lot of improvements.

This release of nftables contains bug fixes, syntax cleanups, new features, support for all new features contained in the recent 3.15 kernel release. [More informacion: [ANNOUNCE] nftables 0.3 release]

And this release of libnftnl, comes with new features available in 3.15, the event monitoring and fixes for the XML/JSON infrastructure. [More information: [ANNOUNCE] libnftnl 1.0.2 release].

These weeks, I’ve working hard to fix XML/JSON infraestructure. Now, 76 patches were accepted, but we keep working on it.

I began to fix a bug about incorrect print of unset values, and we end up doing some similar fixes through all library. It was a hard work, but It’ll allow us to improve the import/export feature in nft.

XML and JSON in nftables

libnftnl is an userspace library providing a low-level netlink programming interface (API) to the in-kernel nf_tables subsystem. The library libnftnl has been previously known as libnftables. This library is currently used by nftables.

To use libnftnl, We require the following software:

How to install the library:

./autogen.sh
./configure --with-xml-parsing --with-json-parsing
make
sudo make install
make check // To "generate" the tests and examples.

Also we use the library with nftables, We can do some task like run test and example.

Run the tests to check all change in this library:

sudo ./nft-parsing-test [options]
Options:
-d/--dir Check test files from .
-u/--update Update test files from .
-f/--file Check test file

Or we can run all test with the following script:

./test-script.sh

Others things we can do:

Activar la hibernación en Debian (…y pequeños fallos)

Tras una instalación básica de Debian y Fedora (arranque dual) tuve problemas a la hora de hacer uso de la hibernación del sistema.

Problemas: Me faltaba el software correspondiente y tenía problemas con los UID de la partición swap de Linux. (Supongo que al instalar Fedora más tarde, se había machacado los UID’s)

Software necesario: hibernate pm-utils

Configuración correcta del UID de la partición swap:

  • ¿Cúales son los UID de las particiones?: ‘blkid’
  • Ficheros que deben incluir el correcto uid de la partición swap:
    /etc/fstab
    /etc/initramfs-tools/conf.d/resume
  • Una vez modificados estos archivos, ejecutar: ‘update-initramfs -u’
  • Editar /etc/default/grub y modificar para que la variable GRUB_CMDLINE_LINUX_DEFAULT tenga un contenido similar a: (Sustituir por el UID correspondiente)
    GRUB_CMDLINE_LINUX_DEFAULT=”resume=UUID=7719aa2c-c98d-4b41-8fa8-e2bb83906f07 quiet”
  • Actualizar la configuración de Grup (‘update-grub’) y reiniciar el sistema.
  • Comprobar que se realiza la hibernación: ‘pm-hibernate’

Fuentes consultadas: Habilitando Hibernar en Debian Wheezy, Suspeción e hibernacion por consola Linux y habilitado hibernación en Debian

Indicar la rama y estado de git en el prompt

Llevaba tiempo queriendo incluir esta información en el prompt, pero nunca me paraba a buscar como se hacía. Hoy fue el día 😛

“Es tó fácí!!!!”

Maldito Flash

Aunque con html5 casi no es necesario, hay páginas que sólo funcionan con la última versión de Adobe Flash, así que… toca instalarlo.

  1. Desinstala todo lo relacionado con Flash que tengas instalado.
  2. Descarga y descomprime el archivo correspondiente de su pagina oficial. En mi caso, el tar.gz de 64bits
  3. Sólo nos va a interesas el archivo libflashplayer.so que copiaremos en /home/usuario/.mozilla/plugins (también podría copiarse en /usr/lib/mozilla/plugins/)
  4. Y reiniciar el navegador, y listo!