While their eggs are indeed very beautiful, I can't believe a company like Amazon is participating in the wanton endangerment of a species this way. The collection and reselling of their eggs, is the single greatest threat to the Faberge as a species.
— from an Amazon Review
In an attempt to learn enough Solaris to work out if ZFS, Sun's ultra-shiny filesystem/volume management scheme/software RAID is for me, I installed Solaris 10 on my desktop machine last night. It is possible to sleep through (most of) a Solaris install.
But this reminded me of one thing. Linux has come a long way in the last ten years. Nowadays you wouldn't stand for a distro that didn't set up networking before your first login. So imagine my surprise when I discovered that I had no networking. And that the "Docs" directory on the install DVD was empty. The documentation lives on the Internet.
On the plus side, it can't get much worse than this... can it?
As asked by someone at the Young Adults group this evening, about the book of Ecclesiastes:
Was he writing it for other people to read ... or was it a blog?
Since someone asked, here's how you turn off NAT on a Meraki mini.
First, SSH as user "meraki" to your Meraki's IP. If you're connected to the internet via it, you can connect to the 6.x.y.z IP printed on the bottom. The meraki's serial number is the password.
Then, add a line "iptables -t nat -D POSTROUTING -j MASQUERADE" to /storage/late-init.sh
Finally, reboot the meraki.
At this point you'll discover that you can't get to the internet any more. The meraki is now happily sending packets with source addresses in the 6/8 and 10/8 range to your router -- you need to route those ranges to your meraki's IP.
This won't let you change the way the merakis assign IP addresses to users, so they'll still be assigned addresses out of 10/8. But at least now you can do the NAT yourself, and look at traffic flows before NAT.
In my last post, I said that the traffic over the encrypted tunnel that the meraki mini sets up back to the mothership at meraki.net included some SSH traffic. I've now, utilising a hacked dropbear sshd, managed to see what's in those ssh sessions.
Alas, it's not too exciting. A ruby program is uploaded and run, and it produces some status information in XML. That's it. No conspiracy. And still no closer to working out how to change IP address assignment.
I'm still playing with the Meraki mesh routers, trying to find a way to set them up in a configuration approprate to a community wifi network.
I have now worked out how to turn off NAT, which helps. Still not much of an idea of how DHCP works, but it involves click, and doesn't seem to require hitting meraki's servers. So there's not a lot I can do about it. Lots of configuration and status information ends up going over an encrypted tunnel to meraki, but tcpdump lets me see what's going on. Unfortunately some of this data is ssh traffic, so I may have to hack dropbear to dump unencrypted SSH streams to disk.
In my attempts to try and work out how IP addresses are assigned, I've been looking at what happens when you connect to a meraki network. The captive portal stuff seems to work by redirecting you to a meraki.net URL that includes your MAC address and IP. When you log in, an HTTP request comes over that encrypted tunnel to your router of the form "GET /auth.cgi?client=10.x.y.z&duration=0", which presumably prods things into logging you in.
Haven't yet libipqified my IP layer learning switch, or added the tunneling and captive portal features. The plan is to end up with a captive portal that lets you log in to a network ("free community network", "internet 4 money", etc), and based on this choice sends your default route down an appropriate tunnel along with a request that your /32 be routed back in that direction.
My shiny new MP3 player arrived today. It bears a striking resemblance to MP3 players produced by a certain large company named after a type of fruit.
It plays WMA but not AAC, and comes with crappy earbuds that look remarkably like those that come with certain other MP3 players. It's not wonderful, but it works, and it's so tiny!
The manual is very obviously a manual for a more popular MP3 player, with "MP3" photoshopped in over the top of that player's name, and the name of its manufacturer. In a different font.
The Meraki Minis I ordered last week have arrived. They're little WiFi mesh routers designed to make sharing your internet connection with your street stupendously easy. They're also very cheap -- USD50 ea. And are tiny! Many appeared in a box:
They don't come with much documentation (but then, they don't need it):
I've already set up a small network in the flat to test them out:
I ran out of NZ<->US power adapters, but the bathroom held a solution:
So, now to find something useful to do with them...
So it seems that I'd forgotten to make sure my CGI script reloaded (I'm using persistentperl), so my RSS feed was still horrible. But that's fixed, now, and I've even added publication dates to the items in the feed. And feedvalidator.org claims it's correct RSS!
In demonstration of my limited electronic skills, I now have a small 4 AA battery pack attached to an inline PS/2 socket. Perfect for powering my GPS module.
Now to write some palmpilot software to do something useful with my position. And work out how to mount the palmpilot onto my bicycle.