netconfig elaboration

handbook/computing/netconfig.html

@@ -88,10 +88,10 @@ We bridge the hut wifi with the hut ethernet cable to the <var>expo laptop</var>
 </ol>
 <p>1. The benefit of doing it in the Netgear box is that you get to play with a graphical web interface not text files. But also you can test that the Netgear box is working separately from everything else.
 <p>2. The benefit of doing it in the netbook is that all the configuration is in the same place, and you only have to learn one way of doing things instead of having to use text files <em>and</em> a web interface. Also, by making the Netgear box completely dumb, it is swap-replaceable if it dies with no reconfiguration required.
-<p>The DHCP is configured to issue IP addresses with <samp>x</samp> between 2 and 199, i.e. laptops and phones will get IP addresses between <samp>192.168.1.10</samp> and <samp>192.168.1.199</samp>. These may change after 12 hours.
+<p>The DHCP is configured to issue IP addresses with <samp>x</samp> between 10 and 199, i.e. laptops and phones will get IP addresses between <samp>192.168.1.10</samp> and <samp>192.168.1.199</samp>. These may change after 12 hours.
 
 <h4>Static addresses</h4>
-<p>The netbook has two network interfaces: the Alfa wifi antenna (which has an address issued by the Gasthof wifi system) plugged into a USB socket, and its ethernet cable socket which is configured to have the address <samp>10.0.1.2</samp>.
+<p>The netbook has two network interfaces: the Alfa wifi antenna (which has an address issued by the Gasthof wifi system) plugged into a USB socket, and the netbook's ethernet cable socket which is configured to have the address <samp>10.0.1.2</samp>.
 <p>The Netgear box has its yellow ethernet cable socket set to the address <samp>10.0.1.1</samp>. The four other ethernet sockets are all on the address range <samp>192.168.1.x</samp> and the wifi network interface is set to <samp>192.168.1.1</samp> also in the network <samp>192.168.1.x</samp>.
 
 <p>So the ethernet cable between the Netgear box and the netbook is  <samp>10.0.1.1</samp> at the Netgear end and <samp>10.0.1.2</samp> at the netbook end. Nothing else uses any number like <samp>10.0.x.y</samp>.
@@ -110,11 +110,14 @@ the black WiFi antennae on the small black Alfa box are still upright and have n
 <p>The netbook attempts a reconnection every 60 seconds, so wait at least 2 minutes before doing anything. That is because when the netbook attempts a full reconnection it can take nearly a minute to rebuild everything.
 
 <p>Test whether the netbook is actually running and responding by sitting at the <var>expo laptop</var> and logging into the netbook remotely. Do this in a terminal window:
-<pre><code>ssh expo@10.0.1.2</code></pre>
+<pre><code>ssh expo@tclaspire3.potato.hut</code></pre>
 or
 <pre><code>ssh expo@tclaspire3.hut</code></pre>
+or
+<pre><code>ssh expo@10.0.1.2</code></pre>
+(The last of these may not actually work: this is a non-routable IP address.)
 <p>If you get a login prompt, the netbook is running. It is a slow machine so do not expect this to be instant.
-<p>Login (as user 'expo' using the cavey:beery password) and type this at a prompt:
+<p>Login to the netbook (as user 'expo' using the cavey:beery password) and type this at a prompt:
 <pre><code>/root/fakenet/runfakenet</code></pre>
 which will run the script to reconnect. This may take a minute to have the desired effect.
 
@@ -122,7 +125,7 @@ which will run the script to reconnect. This may take a minute to have the desir
 <pre><code>shutdown --reboot</code></pre>
 <p>You may also need to re-enable wicd, see below.
 
-<p>If it keeps failing, then maybe the <var>cron</var> system which re-triggers it every 60s is not working. That is probably a symptom of something more much more serious wrong with the netbook if you have already re-booted it. Try re-booting it again and this time be more patient. <em>Report this</em> to a nerd and <em>write a record of the problem in the expo logbook</em>.
+<p>If it keeps failing, then maybe the <var>cron</var> system which re-triggers it every 60s is not working. That is probably a symptom of something more much more serious wrong with the netbook if you have already re-booted it. Try re-booting it again and this time be more patient. <em>Report this</em> to a nerd, <em>write a record of the problem in the expo logbook</em> and <em><a href="https://app.element.io/#/room/#LoserExpoWebsite:matrix.org">post a request for help</a></em> to the expo Matrix chat system.
 
 <h4>wicd</h4>
 <p>The netbook needs to have its persistent networking set up correctly <i>in addition to the other scripts</i>. This 
@@ -131,9 +134,106 @@ system panel. (Or search in all applications in the Internet section for the <va
 that the netbook does not connect to any network except the StaudnGast wifi network, and also tick the 'automatically 
 reconnect' checkbox for the "StaudnGast" network.
 
-<h2>The scripts</h2>
+<h2 id="scripts">The scripts</h2>
 <p>For the curious or desperate, here is how the scripts actually work.
-<p>The <var>/root/fakent/expo/hosts</var> file is just two lines:
+<p>The master copy of the scripts in on the expo server in <var>/home/expo/config/netbook</var> which includes the files
+<ul>
+<li><a href="netbookfakenet/readme">readme</a>
+<li><a href="netbookfakenet/fakenetcron">fakenetcron</a> - needs to be renamed and copied to <var>/etc/cron.d/fakenet</var>
+<li><a href="netbookfakenet/70-persistent-net.rules">70-persistent-net.rules</a> - needs to be copied into <var>/etc/udev/rules.d/</var>
+<li>fakenet2022.tgz - needs to be unpacked into <var>/root</var>
+</ul>
+<p>The files linked in this documentation are sanitized copies, not the master files. Get the master files by ftp or scp from <var>expo.survex.com/home/expo/config/netbook</var>.  
+<p>Installation instructions are in the <a href="netbookfakenet/readme">readme</a> file. These are all documented below, but do get an updated copy from <var>expo.survex.com/home/expo/config/netbook</var> before you do anything.
+
+
+
+<h3>After installation of the files</h3>
+<p>The central script is <a href="netbookfakenet/fakenet2022/keepalive">/root/fakenet/keepalive</a> which is run every 60 seconds:
+<pre><code>
+#!/bin/sh
+# Runs from cron
+
+if ( ping -c 1 -w 5 -q wookware.org ); then
+ #working
+ :
+else
+ #rerun login 
+ /root/fakenet/expo/gasthoflogin
+ sleep 10
+ if ( ping -c 1 -w 5 -q wookware.org ); then
+  #working now
+  :
+ else
+  #re-setup full network config
+  /root/fakenet/runfakenet
+ fi
+fi
+</code></pre>
+As you can see, it checks if the internet is available by looking for <var>wookware.org</var> and if not, it runs the Gasthof login script. If there is still no joy, it runs the full network reconfiguration script.
+
+<p>Gasthof login script <a href="netbookfakenet/fakenet2022/expo/gasthoflogin">/root/fakenet/expo/gasthoflogin</a>:
+<pre><code>#!/bin/bash 
+#Script to connect to gasthof wifi
+#Pull random webpage to get login page
+# DNS must point to gasthof network, request must be by name
+# Resolves, then HTTP request gets 303 'See Other'
+#Extract magic token, then send login+token to 192.168.2.1:1000/fgtauth?<token>
+# Do it in a tmp dir to stop collecting index.html's
+
+tmp=$(mktemp -d)
+cd $tmp
+echo "nameserver 213.33.99.70" > /etc/resolv.conf
+wget http://wookware.org/
+magic=$(cat index.html | tail -1 | sed 's/^.*magic" value="//' | sed 's/".*//')
+wget -o /dev/null --post-data="username=Gast&password=GASTSECRET&magic=$magic" http://192.168.2.1:1000/
+rm -f index.html
+rm -f index.html.*
+cd ..
+rmdir $tmp
+</code></pre>
+As you can see, it attempts to get http://wookware.org/index.html but actually gets the gasthof login form, which it then POSTs to with the Gasthof password - which is not actually GASTSECRET. Get this year's Gasthof password from the reception desk and write it on the whiteboard in the hut.
+
+<p>Network rebuild script <a href="netbookfakenet/fakenet2022/runfakenet">/root/fakenet/runfakenet</a> where ${base} is "/root/fakenet" and ${config} is "expo" as set in <a href="netbookfakenet/fakenet2022/config">/root/fakenet/config</a>. (This config is a relic from the CSG script in 2014, see Historical Notes below.)
+<pre><code>#!/bin/sh -eux
+
+. /root/fakenet/config
+
+#Close down running interfaces and services
+sudo ifdown -i ${base}/${config}/netconfig eth0
+sudo ifdown -i ${base}/${config}/netconfig wlan0
+sudo ifdown -i ${base}/${config}/netconfig wlan1
+sudo service wicd stop
+sudo iptables -F
+sudo killall dhclient || true
+sudo /etc/init.d/dnsmasq stop
+sudo killall dnsmasq || true
+
+#Now bring up desired networking
+#ethernet to router
+sudo ifup -i ${base}/${config}/netconfig eth0
+#wlan1 long-range wireless to gasthof
+sudo ifup -i ${base}/${config}/netconfig wlan1
+
+#Set up hostapd for local wireless - not currently (2022) used
+#sudo service hostapd restart
+
+#Make this machine do DNS for potatohut
+#And forward external requests to the real net
+sudo dnsmasq -q -C ${base}/${config}/dnsmasq.conf
+
+#bridge/masquerade from gasthof to router
+${base}/${config}/masquerade
+
+# Log in to Gasthof wifi!
+${base}/${config}/gasthoflogin
+
+
+# Join Acer to potatohut network for admin purposes
+#sudo ifup -i ${base}/${config}/netconfig wlan0
+</code></pre>
+<h4>Other vital configuration bits</h4>
+<p>The <var>/root/fakenet/expo/hosts</var> file is just two lines:
 <pre><code>10.0.1.2 tclapsire3
 10.0.1.1 router
 </code></pre>
@@ -154,7 +254,11 @@ rsn_pairwise=CCMP
 </code></pre>
 where CAVEYBEERYPASSWORD is our usual expo password. In 2022 this capability was configured by the Netgear control panel, not by this file on the netbook.
 
-<p>The file that configures the DNS and DHCP is <var>/root/fakent/expo/dnamasq.conf</var> and it is very long with most of the lines commented out with an initial '#', so they are not all listed here. (You can read a copy of it <a href="copy-of-dnsmasq.conf">here</a>). On the netbook 'eth0' is the interface with the antenna (which is actually a USB socket) and 'wlan0' is the ethernet socket interface to the cable to the Netgear box. Some of the more relevant lines are:
+<p>The file that configures the DNS and DHCP is <var>/root/fakent/expo/dnamasq.conf</var> and it is very long with 
+most of the lines commented out with an initial '#', so they are not all listed here. (You can read a copy of it <a 
+href="copy-of-dnsmasq.conf">here</a>). On the netbook 'eth0' is the interface with the antenna (which is actually a 
+USB socket) and 'wlan0' is the ethernet socket interface to the cable to the Netgear box. Some of the more relevant 
+lines are:
 <pre><code>interface=wlan0
 dhcp-range=192.168.1.10,192.168.1.199,12h
 addn-hosts=/root/fakenet/expo/hosts
@@ -163,19 +267,23 @@ domain=potato.hut
 no-dhcp-interface=eth0
 </code></pre>
 Note the line <var>addn-hosts=/root/fakenet/expo/hosts</var> which refers to the first file listed above which defines the names of the machines for the two ends of the cable between the netbook and the  Netgear box.
-<p>The line that configures <var>crontab</var> to run the fakenet script every 60 seconds is
-<pre><code>MISSING
-MISSING - need to get this...
-</code></pre>
-<p>The actual fakenet script is
-<pre><code>MISSING
-MISSING - need to get this...
+<p>The cron job file that configures <var>crontab</var> to run the fakenet script every 60 seconds is
+<a href="netbookfakenet/70-persistent-net.rules">70-persistent-net.rules</a>. It is a single line of cron configuraiton:
+<pre><code>*/1 *  * * *     root   [ -x /root/fakenet/keepalive ] && /root/fakenet/keepalive
 </code></pre>
+where the initial <samp>*/1 *  * * *</samp> means that it runs once a minute, on every hour, day, month and year.
+
 <p> The init script which configures everything when the netbook is booted up is
 <pre><code>MISSING
 MISSING - need to get this...
 </code></pre>
 
+<h2>Buggeration - how it will all go wrong..</h2>
+
+<p>We are using an old way of configuring network interfaces in debian. Which will all break at some point when 
+someone does a debian upgrade. The scripts use the <a href="https://wiki.debian.org/NetworkInterfaceNames">
+"Predicatable Names" scheme</a> and <a href="https://wiki.debian.org/iptables">iptables</a> which are both earmarked for destruction.
+
 <h2>Historical Notes</h2>
 
 <p>Prior to 2017 we used to run an unconnected local network with our own DNS domain 
@@ -190,9 +298,9 @@ pushing the changes to the distributed version control system on
 the internet continuously and not to have our own local server. This coincided with a much-improved WiFi service at 
 the Gasthof. We continued with the wifi service in the hut but now it also connects to the external internet instead of to a 'pretend' internet (which is why the system is called 'fakenet').
 
-<p>In 2018 and 2019 we had good Internet access at basecamp, but the high-gain system  was returned to its owner (Sam) during Covid (2020-21). Wookey bought a new one, which proved to not live up to its advertising.
+<p>In 2018 and 2019 we had good Internet access at basecamp, but the high-gain system (old Alfa) was returned to its owner (Sam) during Covid (2020-21). Wookey bought a new one, which proved to not live up to its advertising.
 <p>In 2022 Wifi reception from the Gasthof was very poor. The connection script was improved so that dropped connections were restored more quickly. However the basic bandwidth with the new cheap antenna was not enough.
-<p>In 2023 a new Wifi device (the Alfa) should restore decent connectivity. We hope this will improve everything to how it was in 2019. However this Alfa has proved to be a right bastard to find the right drivers for. Wookey has had to be inventive in using an Ubuntu PPA to make it work with the Acer Aspire 1.
+<p>In 2023 a new Wifi device (the new Alfa) should restore decent connectivity. We hope this will improve everything to how it was in 2019. However this new Alfa has proved to be a right bastard to find the right drivers for. Wookey has had to be inventive in using an Ubuntu PPA to make it work with the Acer Aspire 1.
 
 <p>Also during winter 2023/23 Wookey upgraded the operating system on the Acer Aspire One netbook from the ancient Debian Wheezy it had been running to a decently almost-modern Debian distribution. This required much coaxing. 
 

handbook/i/.picasaoriginals/.picasa.ini

@@ -0,0 +1,12 @@
+[wndr4000-back.jpg]
+filters=enhance=1;fill=1,0.906542;
+moddate=63da7a35d667d901
+width=567
+height=256
+textactive=0
+[wndr4000.jpg]
+filters=fill=1,0.429907;
+moddate=03049353d667d901
+width=625
+height=409
+textactive=0