Setting up the network interfaces is something that seems to give people a hard time (clearly visible here: http://docs.openstack.org/grizzly/basic-install/apt/content/basic-install_network.html). If you follow that guide, one of the most confusing points is how the Open vSwitch fits into the existing architecture.
Assuming you are following the guide, you have 2 networks:
10.10.10.0/24 -> private
10.0.0.0/24 -> public
Your Network Controller, again per the guide, will have an internal-network interface of “10.10.10.9″ and an external-network interface of “10.0.0.9″
Your starting network config (/etc/network/interfaces) file will look like this:
# Internal Network
iface eth0 inet static
# External Network
iface eth1 inet static
Now, you will first install the packages needed:
Then you will start the Open vSwitch:
Recently, while setting up my the network controller for OpenStack, I saw this message:
# tail -f /var/log/quantum/openvswitch-agent.log
ERROR [quantum.plugins.openvswitch.agent.ovs_quantum_agent] Failed to create OVS patch port. Cannot have tunneling enabled on this agent, since this version of OVS does not support tunnels or patch ports. Agent terminated!
What this means is that the versio of the datapath (shipped by Ubuntu) does not have the support needed to create tunnels or patch ports. This happened on Ubuntu 13.04.
Fortunately, it is VERY easy to solve this. You need to simply build your own datapath for your kernel. For this, you OpenvSwitch’s datapath source, and you need module-assistant:
You can then grab your kernel headers and any other dependencies:
I noticed that either the kernel headers do not have the version.h in the right place, or the module-assistant looks in the wrong place. You can solve this by doing:
ln -s ../generated/uapi/linux/version.h .
And finally, to download, build, and install the modulle:
Now, reboot your system so that the new module is loaded, and you are ready to go. You will notice that “/var/log/quantum/openvswitch-agent.log” no longer has this issue.
Disclaimer: I wrote this myself and posted it first on PinStack.com. Then I posted it on CrackBerry.com. I am re-posting it here because I think it will benefit people, and I would like to save a copy of it.
[I am going at this from truly personal experience, along with some background so that you know what kind of an user I am. If you are interested in the specs and overall usage, there are thousands of reviews. I hope that people will appreciate this a bit more than a typical "i used it, it made phone calls, it lasted 12 hours, the screen is small, the back over heated, the keyboard was amazing, it's not an iPhone or Android and there are no apps" review]
First – a bit of background about me and cellphones: to call myself a cellphone enthusiast/a power user, or someone who is obsessed with cellphones would be kind of like calling Tiger Woods “ok at golf” or the Bugatti Veyron “faster than a honda”. To give you some quick numbers: I’ve gone though >30 phones in ~4 years (many many more since the early part of 2000), I have switched through each major US carrier about ~5 times, and in the whole process, I have only paid a cancellation fee twice. [Please note that I have really toned this down lately - mostly because carriers like Samsung have found a way to push a new device every 3-4 months without doing anything exciting and ground breaking.]
Let’s say you are at a coffee shop with public internet access, and you don’t want someone snooping on your traffic, so you VPN to your work. However, you also don’t want to tunnel personal stuff out of your work VPN (chat, facebook, youtube, your personal email maybe?), so the question becomes, how do you create 2 different firewalls – one that ONLY allows you to VPN and does not allow any other applications access, and one that then controls the traffic within the VPN channel so that you can utilize the connection for some apps but not others?
At this point, there are only 2 “methods” of running a Firewall on Android: having root and managing/accessing IPTables, or, the only alternative – creating a sub-VPN channel that you pipe the traffic over and filter (which does not require root). Unfortunately, the second type (without root) will not work for this, since we will need to utilize the VPN channel ourselves for our VPN, and to my knowledge, Android let’s you setup only 1 active VPN channel. So, you need 1.) a way to root and 2.) a good Firewall
I read an interesting article last night which highlited some problems with the way SSH process communication happens. I am writing a post about it because it is so simple and yet so effective.
Here is the scenario:
Let’s say that you have a linux system running the latest set of patches/OpenSSH. You have multiple users on the system, and one or more of them have sudo/su/escalated privileges. The idea is that when user ‘A’ connects to the system, user ‘C’ will be able to sniff out their password.
The idea is that almost all ssh daemons by default are configured to use “Privilege Separation”. This means that sshd spawns a process (child) that is unprivileged to listen for incoming network requests. After the user authenticates, another process gets created running as the authenticated user. The magic happens in between these two processes.
A simple example:
User ‘C’ ssh-es into the system, escalates their privledges (either by legitimate or non-legitimate means) and starts listening for newly created ssh ‘net’ processes. As soon as user ‘C’ sees a process being crated, they immediately attach strace to it.
A simple way to do it is by:
or even better:
This will be my last post about the Google Nexus S since I just purchased (and received) my Nexus 4. That said, I really wanted to give one last update on the Nexus S since it looks like things have changed quite a bit with the update process. While it looks more complicated at first, it’s actually a lot more flexible now. Here is how to upgrade your Nexus S manually to a full 4.1.2 Jelly Bean, even if you have not received it yet/are in a country where the updates are not coming in, or are on a carrier which is not pushing OTA updates.
The first step is to go to Google’s Official Factory Images for Nexus Devices
Now, you have one of four choices for sections, based on your phone:
- If you have the (MOST POPULAR) T-Mobile or ATT (GSM) version of the Nexus S, go to: “Factory Images “soju” for Nexus S (worldwide version, i9020t and i9023)”
- If you have the Sprint (4G) version, go to: “Factory Images “sojus” for Nexus S 4G (d720)”
- If you have the Korean version (VERY RARE), go to: “Factory Images “sojuk” for Nexus S (Korea version, m200)”
- If you have the NON-1Ghz (STILL RARE) version, go to: “Factory Images “sojua” for Nexus S (850MHz version, i9020a)”
Let’s assume you have the T-Mobile/ATT one since most people have that.
You will want the “4.1.2 (JZO54K)” image, which you can download from their official link:
I walk outside listening to Pandora quite a lot, and today I realized that I miss about half the SMS’ that I get. Either because it’s too noisy, or maybe because the SMS’ are not loud enough and I use a single beep, or because the sound trigger gets interrupted by Pandora, but either way, it’s a bit annoying. I have been considering some sort of a solution that will play incoming SMS messages when my headphones are plugged in for quite some time, but I couldn’t think of an efficient way to do it — that is, efficient on the battery. I think I came up with one today.
The idea behind this Tasker program is the following:
There are two Profiles: ‘Detect Headphones‘ and ‘Play Text Over Headphones‘. Only one Profile has to be actually active at all times – the Detect Headphones one. When you plug in your headset (with microphone, or just regular headphones), the profile sets a variable %HEADPHONES to ‘yes’. It then turns on the second Profile – the one that monitors incoming SMS messages and plays them over the headset if your %HEADPHONES variable is set to ‘yes’.
The general idea behind this is that it utilizes my original Blackberry Sound Profiles for Android and it adds a “timer” element which can be set. Upon setting the timer, it will set a temporary task until the timer runs out. The idea came from one of my visitors who asked me how to do this. At first, I had no idea how to do it. About 30 minutes later I had a semi-working prototype. Another 3 hours later (had to figure out how Scenes worked and interacted with variables and the rest of the system) I had the final version with a working GUI.
The first thing that you need are my Tasker Blackberry Sound Profiles found here: (http://blog.vpetkov.net/2011/05/10/my-tasker-program-blackberry-sound-profiles-for-android). If you don’t have them yet, follow the super quick “Getting Started” section. Once you have the tasks and you have them working (if you want this to work out of the box, grab at least the “Work” task and the “Sleep” task), download the Timed extension:
Note: You need the current BETA to import this profile: http://tasker.dinglisch.net/beta.html (1.2.1b4m)
Now unzip it and follow the same steps from the original post – grab the “Timed.tsk.xml” file and import it into the the Tasks tab, and then grab the “TimedScene.scn.xml” file and import it into the Scenes tab. Go to your home screen and create a Tasker widget of your “Timed” task. Every time you select this task, it will pop a box which will let you use a slider or directly type in a number. After this, when you hit “Set Profile”, the temporary task (by default “Sleep”) will get activated for the number of minutes you set. After that time period it will go back to the other (by default “Work”) task.
This is an update to the article “My Tasker program – BlackBerry Sound Profiles for Android” (http://blog.vpetkov.net/2011/05/10/my-tasker-program-blackberry-sound-profiles-for-android). Download the new file here, read through “what has changed”, and “what I have updated”, and then definitely read the original post (url above) as it contains all the details and how-to information.
What Has Changed:
There are a couple of things that Google has drastically changed in ICS 4.0 when it comes to Sound, Vibrate, and Volume.
First of all, they have greatly simplified the Sound Settings. The Volume menu now contains: “Music,Video, Games, and other media” as one volume toggle, then “Ringtone and notifications” as another, and Alarms as a third. Something to note here is that the keyboard “clicking” sound can now be found under the keyboard settings -> under Advanced.
The Second change is the way “Vibrate” has been re-implemented. The new “Silent Mode” controls three things currently: Sound, Mute, and Vibrate. This is important as this was completely broken on 2.3. The next thing to note is the “Vibrate and Ring” option, as this has a negative effect when toggled on via Vibrate (it’s still sticky for some reason, but due to Silent Mode being fixed, we can now un-toggle it via Tasker).
Google has released ICS (Ice Cream Sandwich) – the next version of the Nexus S OS (ICS 4.0.3- IML74K), and once again, I am posting it directly here — mostly for people who have not received it yet, people who are using a jailbroken phone, or people outside of the US who do not get the updates.
If you are on GRK39F (2.3.6), you can apply only the small update:
Again, this is directly from google (it is even linked to google), and you should follow the 7 steps from the http://blog.vpetkov.net/2011/03/11/google-nexus-s-update-manually-to-2-3-1-2-3-2-and-2-3-3/ article.
Please note that the above update is the ~128 MB update, and will only work if you are on 2.3.6 GRK39F. This is NOT for people who are running jailbroken/custom roms.
If the above doesn’t work, OR if you are using a jailbroken/custom rom, of if you have another version before 2.3.6, then I suggest doing the full 4.0.3 (IML74K) flash:
This is the ~161 MB image. You can use the same 7 steps from the link above.
If you are having problems with the update above, this is the full factory restore and it should work without any problems.
Please post comments if you have any problems, or if you just want to post that it works!