Notice: register_sidebar was called incorrectly. No id was set in the arguments array for the "Sidebar 1" sidebar. Defaulting to "sidebar-1". Manually set the id to "sidebar-1" to silence this notice and keep existing sidebar content. Please see Debugging in WordPress for more information. (This message was added in version 4.2.0.) in /usr/share/wordpress/wp-includes/functions.php on line 4139 Tech Notes » 2010 » August

PPTP on iPhone: Changes iPhone3 to iPhone4

Uncategorized No Comments »

A while ago, I configured PPTP so that my friends in China’s firewalled world could get their Facebook and Twitter fix. … cuz, we all know we need that constant poke-poke-poke.

The config I had was very much like “Tim” wrote on Shared Know How on Sept 28, 2008 — in fact, it’s a very basic, standard config, it’s a bit difficult not to wander onto it by accident (although Tim’s article is quite useful to paint the solution and validate that “yes, it does work” — and validation is not to be understated).

The iPhone4 didn’t connect to that setup anymore, and there was very little indication why:
Aug 31 19:28:20 usloft1645 pppd[9875]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:20 usloft1645 pppd[9875]: Unsupported protocol 'IPv6 Control Protovol' (0x8057) received
Aug 31 19:28:20 usloft1645 pppd[9875]: MPPE required but peer negotiation failed
Aug 31 19:28:20 usloft1645 pppd[9875]: Connection terminated.
Aug 31 19:28:20 usloft1645 pppd[9875]: Connect time 0.0 minutes.

So lacking any real diagnostic methods, I began randomizing on the configs around MPPE. Damned if it wasn’t as easy as just dropping the requirement for MPPE:

(/etc/ppp/options.pptp)
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
#require-mppe-128 -- works with iPhone1-3, fails with iPhone4
ms-dns 192.168.0.1
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

I’ll need to clean up this entry a bit, but that’s the change so far, and it’s connecting. I’ll see too if I can find compatibility setting to get MPPE back, since this drops out payload-protection on a VPN which users may assume is usually secure from prying governments eyes.

In Summary, the working config right now is:

(/etc/ppp/chap-secrets)
(where “username1” is actually a user’s username, and “password1” is his/her plaintext password, but “*” is actually an asterisk)
username1 * password1 * # some comment ...
username2 * password2 *
...

(/etc/ppp/options.pptp as above)

(/etc/pptpd.conf)
option /etc/ppp/options.pptpd
localip 192.168.0.1
remoteip 192.168.0.128-191
debug

(/etc/ppp/ip-up.local)
# a bit heavy-handed, but gets named listening on the internal interface faster
rndc reload

This last file is a bit unusual; I found that although BIND is configured (named.conf) with the 192.168.0.1 interface to provide recursion and service, it would stop listening on the PPP link when the last connection closed:

Aug 31 19:42:54 usloft1645 pptpd[9915]: CTRL: Client 24.18.213.241 control connection finished
Aug 31 19:48:30 usloft1645 named[20202]: no longer listening on 192.168.0.1#53

This heavy-handed smack in ip-up.local causes it to listen on the 192.168.0.1 ppp0 interface again:
Aug 31 19:28:50 usloft1645 pppd[9916]: Connect: ppp0 /dev/pts/1
Aug 31 19:28:50 usloft1645 kernel: PPP Deflate Compression module registered
...
Aug 31 19:28:50 usloft1645 pppd[9916]: local IP address 192.168.0.1
Aug 31 19:28:50 usloft1645 pppd[9916]: remote IP address 192.168.0.128
Aug 31 19:28:50 usloft1645 named[20202]: loading configuration from '/etc/named.conf'

inetdxtra — small and specific for a clean embedded system

Uncategorized No Comments »

I ran across Rawson-Tetley’s interesting inetdxtra project — looks like a great addition to buildroot when I have time. Ahhh… *sigh*… spare time…

Take a look when you have a chance, the author has created small/feature-limited SMTP kicker, DHCP with extras for Hauppage v1, Hauppage v2+ kicker, tiny workgroup we’re-all-friends jabberd, HTTP proxy, etc. The author shares my desire for an idle system to truly have zero apps running… as opposed to apps hanging around just for the monthly update (jusched, I’m looking at you…)

His umlspeed is fairly cool as a development tool 🙂

Maildrop Changes

Uncategorized No Comments »

We use the Maildrop app extensively on our Macs at my work.

I’ve edited it to add:

1) copying: when a new “related to what” is chosen, if there’s a “related to who”(m) already selected, the “what” never goes to attachments. Copying (“n/a”, “who”, “what”) now selects which will cause a copied value on any change of selected items.
2) check length of subject, give the user a chance to truncate (this is a version-2.1 behavior)

Seems to have one bug: the submission still has too-long subjects, so I’m looking for a screencap to show what’s up.

Update: 2010-08-12 Fixed the Subject-truncation; new version made available.

I’ll attach a patch someday… this version still needs cleanup.

SBG6580 and Guest Networks

Uncategorized No Comments »

I’ve had a few problems with the SBG6580 — and some on the guest network setup, so they’re not obvious while it’s just me.

Today I had to back out the dual-channel setup — a client who was connected just fine on the Primary SSID could not get internet access through a good-signal connection on the secondary SSID. Dropping out Bridging and Dual-Channel (40MHz) (Wireless->Basic page (the link works if you have your default subnet configured)) resolves.

Frustrating. I know both dual-channel and secondary/guest SSID are unusual features, but lacking any ability to raise exceptions (ie SNMP traps or polling — although rsyslog is offered) I’m not 100% satisfied with this. Why sacrifice features commonly available on other platforms to provide new, flashy ones?

SBG6580 and Comcast

Uncategorized No Comments »

When I got my SBG6580 to work with Comcast, there was a bit of a problem, but it was quickly fixed.

As a reminder, the SBG6580 is similar to the SB6120 (I put a quick link if you wanted to find that to see what I’m talking about) but has four ethernet ports, so it’s like mating a small 4-port hub with the SBG6120

Normally, Comcast wants the HFC MAC — mine ends in “A3” — that one can get an IP from Comcast, and they can manipulate the modem directly, but the tech at Comcast indicated there were problems in what he was seeing.

Instead, using the Gateway MAC — mine ends in “A4” — works fine, except that there’s no time service offered, so my modem thinks it’s always 8am. It would increase in time, but Comcast seems to like to reboot my modem.

Also, any time you speak to Comcast, they’re going to cut off your modem. It seems to be what they do. Every time “oh, I just have to make an edit in the config” is what they tell me, then we go through a reboot (second reboot — I do reboot the modem before calling them) and it works fine. Case-in-point: I gave back the pre-SBG6580 modem that comcast rents, and within a minute of the guy accepting the modem, I was punted offline again. Maybe it’s just a reeeeeally big coincidence.

Still no sight of GPL code.

WP Theme & Icons by N.Design Studio
Entries RSS Comments RSS Log in