Technical Playground

Quick Powershell Command to Get External IP

Going through some notes and came across this quick script to get the external IP address of a Windows system running Powershell (I believe 2.0 and later.) This simply queries ip.appspot.com to get the public facing IP address and prints to screen / script / etc. Useful for quick remote commands if you have any level of commandline access but not a full GUI.

1
powershell -Command “(New-Object Net.WebClient).DownloadString(‘http://ip.appspot.com')”

Nand2Tetris - Elements of Computing Systems

I’ve been working with computers for a very long time – starting with an Apple IIe and a bunch of things in between. I never owned an Apple II, and my mother was not very forgiving of me investigating how our home computer worked many years later (never mind the fact that I did correctly install the sound card…) Anyway for one reason or another, there have been a lot of missing pieces in my understanding of computers. This is fairly common – any sufficiently large task requires abstracting away underlying details, only digging in when it matters.

A couple years ago I first heard about “The Elements of Computing Systems” – the basic idea is you build a computer from the ground up with nothing but a NAND gate (and later a FlipFlop.) Progressing from basic boolean logic gates to ALU to Memory structures to computer to assembler, compiler, OS, etc… This sounded awesome when I first heard about it and immediately purchased the book. Like so many things, I started looking at it but never really worked through much of it until about a month or so ago. Speaking with a college, we were discussing how to understand computer assembly language and what it really meant. I happened to mention the book in question and a very freeform study group was formed.

Thus far I’ve built a ton of logic gates, built an ALU (Arithmetic Logic Unit,) and worked through some basic memory structures. So far I’d say that beyond a better understanding of boolean logic I’ve finally developed an appreciation for where hardware and software are different. In dealing with things like FPGAs I’ve always heard that you program a computer (or micro controller) but you describe an FPGA (i.e., what it is, not what it does.) This didn’t make a lot of sense until working through some of these chapters. I had no real idea what a MUX was logic wise until now – I now would call it my favorite. The idea of LSB / MSB (bit in this case) finally makes sense.

I’m being a little vague here due to a few requests from the creators – they do ask that no solutions be posted in public as everyone should be able to work through these themselves. I definitely understand things so much better after the first 3 chapters – I can’t wait to finish the rest. If you’re looking to add a bit of understanding yourself, I can’t recommend this enough.

First 6 chapters are free on http://www.nand2tetris.org – others are in the book.

Fear

When I was 7 or 8, my daycare program had us go to the local pool for swimming lessons. And diving lessons. And I stunk at both. I remember standing on the low springboard – and couldn’t make myself jump in. I was too afraid – too worried that I’d get hurt, that I couldn’t swim to the side. Of course, completely unable to realize if there was any sort of problem that a bunch of people would be on me in a heartbeat.

I’ve been running into a weird feeling lately of fear – not fear of specifics, but almost a fear of doing. Somewhat a feeling of guilt, but also just plain fear of spending time on certain projects. I’ve been fighting with pinball ideas for a long time now, and finally I believe I have all the parts needed to test a remote serial port for a pinball machine. It feels like stupidly low hanging fruit, yet for some reason I’m afraid to try it. Is it that it won’t work? I don’t think I’d care that much as I have other ideas that I’m even more certain will work.

Is it a fear of “wasting time?” Perhaps – I do have an infant daughter that I adore and want to be there for as much as possible. Not to mention making sure my wife doesn’t go insane trying to find time for sleep, getting things done, etc. But I also know that in order to continue to be a good parent, I need to grow. And unless I do projects / tinker / etc, I won’t grow. I could stay stagnant, probably even for a few years, and continue to have work. I wouldn’t be happy, and eventually the time would come that my skills were out of date. I need to make sure I try new ideas, new areas, etc. If nothing else so that I instill that feeling in my daughter – the feeling of curiosity – the feeling of making, of getting something accomplished.

And yet, I fear something. Nothing consequential – nothing real, but yet I hesitate. We’re talking about maybe 2-3 hrs to see if something works – I can waste that on a movie without even realizing it. What use it watching something inane when I could have something that could accomplish a feat a lot of people would think was cool. Hell, even if that weren’t the case, does it even matter? I don’t practice jiu-jitsu to be “the first” – I practice it to be better for myself. Maybe it’s more like jiu-jitsu than I imagine – there have been many moves I’ve learned so far that I was scared of. Too many things that I’ve paused over for fear of hurting someone and possibly getting hurt myself. But eventually I get to the point where it’s routine and I don’t even think about it when I do it.

Been listening to various Startup oriented podcasts lately and the topic comes up on occasion of what if you could only work 2-3 hrs a day on something. What would you do? Could you still be successful? Or more importantly, what’s the minimum that you have to do to be successful? So why the heck aren’t you doing it?

I have to sit and ask myself “why the heck aren’t you doing this?” – I’ve always regretted not jumping off that springboard – I don’t want to keep regretting delaying growth either…

Fun With SSH Port Forwarding

SSH Port forwarding is a pretty magical bit of functionality – if you have SSH access to / from a device, you can work your way through most anything.

Some basic terminology:

  • Port forwarding – setting up a port and sending the traffic to a specific destination on either end of the SSH connection
  • Local forwarding – Setting up a listening port on a local interface (often the loopback) that forwards traffic to a destination accessible by the remote system. Can also be shared with other devices on the local network.
  • Remote forwarding – Setting up a listening port on an interface on the remote end of the SSH connection (i.e., the SSH server end.)
  • Dynamic forwarding – a local SOCKS proxy that forwards all traffic remotely so it looks like the connections are coming from the SSH server itself, not the local system.

So here are some basic “recipes” I use often with my SSH connections. Note these are all using the typical Linux / Mac SSH client (OpenSSH.) PuTTY is capable of most of these setups as well.

  • RDP based port forwards

Sometimes I need to connect to Windows RDP services across an SSH connection. If I setup a local listening port (3389 or others), I can forward that to the server in question. For example

1
ssh -L3389:rdpserveripaddress:3389 user@sshhost 

Once connected to the SSH server I can open an RDP client and connect to the local host on port 3389. Any traffic is automatically forwarded to the rdpserver on 3389 and the connection is active.

  • Dynamic forwarding

If you’re connected to an guest network (i.e., a coffee shop wifi network) you may not want your traffic visible to anyone monitoring the connection. An easy way to remedy this is with Dynamic port forwarding. This is configured with a simple -D option:

1
ssh -D 5544 user@sshhost

Once connected, you’d setup your web browser to use a SOCKS5 proxy on port 5544 on the localhost. Any web traffic would then be passed along to the SSH tunnel and the traffic sent back to you.

  • Remote forwarding to gain access to a fire walled server

SSH remote forwarding is somewhat rarely used but it can be incredibly powerful for gaining access to the inside of a network. This can be used to bypass firewalls, NAT, etc. One method I use to setup a simple SSH capable device (OpenWRT router, Beaglebone, Raspberry Pi, etc) and have it make an SSH connection outside to a server on the internet. Once connected, it sets up a remote port forward to listen on a port on the remote system that forwards traffic back to the local SSH server. In other words:

1
ssh -R 2222:localhost:22 user@sshhost

Now anyone with access to sshhost can run the command “ssh -p 2222 localhost” to access the local ssh server.

  • Remote forwarding for local web server testing

In a similar vein to the SSH access, you may want to allow a client access to a web server you’re running remotely. There are some services that do this, but sometimes it’s helpful to create something completely in your control.

1
ssh -R 8080:localhost:80 user@sshhost

This would give anyone accessing the remote server on port 8080 access to the local setup.

  • Internet of Things devices shared via remote forwarding

A final option would be to use a locally connected IoT device sharing its interface to the world over a remote SSH port forward. This works exactly the same as the other port forwarding except the traffic is going to a different destination on the local network vs the SSH client itself.

1
ssh -R 8088:IoTDeviceIP:80 user@sshhost

Now anyone accessing 8088 on the sshhost now has access to the local IoT device. This works fantastically well for any device that may be mobile / etc – it can connect from wherever it is, and in whatever network configuration (as long as it can reach the SSH host) and provide access to any local services.

Note that you may need to allow GatewayPorts in your SSH server configuration.

  • Updating forwarding options on an existing connection

Sometimes I want to add more forwarding options after I’ve already opened a connection. Pressing “~C” will open the SSH command prompt where you can do any of the following:

Commands:

  -L[bind_address:]port:host:hostport    Request local forward
  -R[bind_address:]port:host:hostport    Request remote forward
  -D[bind_address:]port                  Request dynamic forward
  -KL[bind_address:]port                 Cancel local forward
  -KR[bind_address:]port                 Cancel remote forward
  -KD[bind_address:]port                 Cancel dynamic forward

This makes it very easy to add or remove forwarding configurations.

Intel Graphics Installer on Ubuntu 14.04 X64 LTSP Clients

This is a quick description of how to install the Intel Graphics Installer on an LTSP x64 Fat Client (or Thin Client.)

Why?

For when you need to update to the latest driver versions available on an LTSP Client. In this case, the drivers were needed for an Intel i3/i5 NUC platform acting as the fat client.

Um… ok, but why not do…?

I’m sure there’s a cleaner way to discover this, but the process took a bit of maneuvering to figure out. My original process involved trying to install the package in the client chroot, which basically adds an installer binary (intel-linux-graphics-installer.) Said binary requires X-Windows to run. Setting up a remote X redirect (ssh -X…) gets a little further, but won’t run because you don’t have an Intel graphics chip installed. NOTE – You actually might have said chip, but I was installing on a server without said hardware. A little more cajoling allowed me to run the setup scripts on the fat client and analyze the changes, then apply them to the actual chroot / client image.

Actual Steps

Last Tested in June, 2014

In the client chroot:

  • Edit /etc/apt/sources.list.d/intellinuxgraphics.list
  • Add
1
deb https://download.01.org/gfx/ubuntu/14.04/main trusty main # Intel Graphics Drivers
  • Save the file
  • Run
1
2
wget --no-check-certificate https://download.01.org/gfx/RPM-GPG-KEY-ilg -O - | \
sudo apt-key add -

  • Run (yes, it looks similar, but not quite)
1
2
wget --no-check-certificate https://download.01.org/gfx/RPM-GPG-KEY-ilg-2 -O - |
sudo apt-key add -

  • Run
1
apt-get update
  • Run
1
 apt-get install i965-va-driver:amd64 libva-drm1:amd64 libva-egl1:amd64 libva-glx1:amd64 libva-intel-vaapi-driver:all libva-tpi1:amd64 libva-wayland1:amd64 libva-x11-1:amd64 libva1:amd64 vainfo:amd64
  • Run
1
 apt-get upgrade

Once complete, you should now have the same packages installed after running the intel-linux-graphics-installer manually. I haven’t tried it, but the same option should work with 32-bit systems if you remove the

1
:amd64

option from the package names.

Enable Auto-Start for Currently Running Virtual Machines in XenServer 6.2

After experiencing a power hit the other day, I noticed that none of our virtual machines on a XenServer 6.2 host auto-powered on. Looking in the XenCenter client was no help as the option to enable VM Start on Boot was not present.

A bit of quick Googling provided the following document that basically explains the Auto-Start functionality was removed due to conflict with some high-availability options in XenServer pools.

Given that the server in question is stand-alone, the HA options were useless to me so I proceeded to read how to enable the Auto-Start.

Making it easier

The document provides great instructions on how to enable Auto-Start, but it does so on a one-by-one basis. The XenServer host I was working with has approximately 40VMs, with 25 or so running at any given time. Feeling lazy, I first enabled the pool parameter (outlined in the above link) and verified all the VMs that needed to auto-start were currently running and ran the following bash one-liner

1
2
3
4
5
for f in `xe vm-list power-state=running |
grep uuid | cut -d ':' -f2 | cut -d ' ' -f2`;
do echo "Enabling Auto-Start on $f";
xe vm-param-set uuid=$f other-config:auto_poweron=true;
done

Splitting this up a little…

  • The typical for..in loop in bash gets a list of uuids from the content in backticks.
  • xe vm-list power-state=running gives a list of all the currently running VMs. Note you can use a different state to get a different list of VMs to suit your needs.
  • The next three piped commands, grep uuid | cut -d ':' -f2 | cut -d ' ' -f2 grab the line from the vm-list with the uuid and get the actual uuid from the text.
  • We then feed that through the loop and set the auto_poweron option to true for each of the uuids in question.

Enabling the option on 25+ VMs took about 5 seconds vs manually sorting through everything.

New Dropcam

Background

We’ve fiddled on and off with some IP cameras over the years with varying levels of luck. The previous attempt was using a bunch of Foscam Pan & Tilt cameras. Viewing, pan/tilt, etc worked well but controlling them remotely left a lot to be desired. This was mainly due to not spending enough time with ZoneMinder to make it work properly. Regardless, I wanted to try something else.

Enter the Dropcam

My wife recently saw a post of someone catching a burglar via a motion detecting camera and it opened this realm of discussion again. We did a little research and it looked to be a Dropcam, so we decided to try one. Ordered on a Sunday, shipped on Monday, got it Wednesday, finally had time to set it up on a Friday.

The setup was about as simple as it could be:

  • Open the box
  • Plug the Dropcam into your computer using the provided USB<–>micro-USB cable
  • Run the setup program
  • Create a new Dropcam account
  • Tell the camera which WiFi network to join and provide a password
  • Unplug the camera from your computer and place it where you want it
  • Wait for it to connect and view your camera

The web-based viewer didn’t work for me in Safari because I don’t have the Flash plugin installed. Using Chrome worked without a hitch and allowed me to view the camera, any clips, and modify my alerting / motion detection settings. I walked in front of the camera and got an e-mail alert within about 20-30 seconds with a link to the video in question. The quality was acceptable to pretty good depending on the lighting and definitely met my requirements.

Next up comes the iPhone app. Downloaded from the AppStore, logged in, and our camera appeared. Live camera views worked perfectly and had about a 7-10 second delay. Portrait / Landscape view works as expected. I then left my phone in the office and walked in front of the camera again, then returned to the office to check for a push notification on the phone. Nothing. I realized I had the app open already so no push, but the event was available. Closed the app completely, tried again, and within 20 seconds we had our push notification.

Motion Detection

One of the features I’ve been worried about is the motion detection algorithm. Our previous attempts have resulted in too many alerts / recordings to validate what actually happened. These were often due to a cat running by, and sometimes even minor changes in lighting as the day went on. Using something like ZoneMinder, we had hundreds or even thousands of short clips to try to decipher. No such problem (at least not yet) using the Dropcam. My wife and I could walk through and the detection picks up everytime in daylight, and most of the time using the night vision mode. When a cat runs through, the algorithm seems to ignore the small level of change. We’ve yet to try it with the dogs but it could be 50/50 depending on the amount of movement. Overall, I’m pleased with this part of the setup.

Other Features

The Dropcam appears to include a two week trial of the DVR service. If there’s anything about the service I’m a little iffy on, it’s the whole cloud-based nature of the product. I’m typically not a fan of something that relies entirely on a cloud configuration to run, especially not something like camera data. That said, there are distinct advantages to the cloud component (automatic recordings, auto storage management, easy access from anywhere) so I’m trying to give it a fair shot. So far I like the feature set and things work as expected (though I would like to delete some clips from the app.) It does use a bit more bandwidth than I’d like, but that’s more an issue with my slowish upload speeds rather than the Dropcam itself.

The sound / microphone leave a little to be desired but this isn’t a huge issue for me. We were able to get the audio working properly from a phone to the speaker on the camera, but not vice-versa. I’m not sure if there’s a setting for this yet (Audio is enabled) but it should work fine for our purposes (perhaps confusing the cats / etc.)

Another feature I’m interested in is the scheduling component. I haven’t had time yet to configure and test this but I could see wanting to disable both the camera and the alerts at certain times of day. Another very interesting feature is disabling the camera based on the location of our phones (ie, don’t record or alert when I’m home.)

Conclusion

Pros

  • Incredibly easy setup (15 min, including creating an account)
  • App / Website work as expected and provide a pretty good UI
  • DVR service works as advertised
  • Scheduling options appear well thought out
  • Quality is acceptable to good depending on lighting

Cons

  • Price is a little higher than I’d initially like ($150) though this is likely me being a bit cheap. Mixed with the DVR charge, this could get expensive depending on the number of cameras.
  • No method to tweak sensitivity (again though, this is a double-edged sword.)
  • No option for local storage
  • No API / Webhook interface (I’d love to have the camera do a bit more than email / push notify me depending on its use. This could also ease the need for local storage options if an auto-download was available.)

Overall, I’m pretty happy with the Dropcam and am impressed with the package as a whole. My cons list is mostly a nit-pick and I would definitely recommend this solution for any non-techie over a DIY setup. Time will tell whether we buy more of these but I could see a couple more arriving soon.

Simple Bluetooth LE USB Keyboard

Background

I’ve been interested in Bluetooth LE ever since going to WWDC 2012 during the CoreBluetooth sessions. An easy, wireless, no-MFI (Made For i) device interface to do pretty much whatever you wanted. Unfortunately, like a lot of my ideas, my time to work on it languished more than I’d care to admit. Recently, I came across a different problem – interfacing with embedded computers without requiring a separate keyboard and mouse. The idea hit to try using a a BLE device with a USB interface to emulate a keyboard and control it via my iPhone.

Initial Experiments

For simplicity’s sake, I started with an Arduino Leonardo and one of Red Bear Lab’s BLE shields. This shield uses one of the Nordic NRF8001 chips. I was able to get the BLE test applications working properly but this did nothing for any kind of keyboard setup. I found a webinar and some details on how to modify the shield code and interface more directly with the Leonardo. The nRF8001 is a SPI-ish device and setup is controlled by whatever Arduino library (or other microcontroller) you prefer. I experimented with this a bit further but never got everything working the way I wanted.

I moved on to a different shield, one of Dr. Michael Kroll’s BLE-Shield 1.0 devices. These use the BlueGiga BLE-112a devices (which are in turn TI CC2540 based) and are pretty flexible. The board is a little expensive (~$60 USD), but it tends to be way more accessible for certain things. Given that this board is setup as a BLE interface to the UART on the Leonardo, this makes my basic testing very easy. I found one of Dr. Kroll’s examples showing any data received on the BLE side printed to a serial output on the Arduino side. For my purposes, I modified this to use Keyboard.write() instead:

void setup()
{
  // Set the data rate for the Software Serial port
  Keyboard.begin();
  Serial1.begin(19200);
}

void loop()
{
  if (Serial1.available()) {
    Keyboard.write(Serial1.read());
  }
}

I uploaded the code and connected the Leonardo / Shield combo to a Raspberry Pi I had available. Using the included BLE-Shield iPhone app, I was able to type characters on my phone and have them appear on the RaspPi’s screen. Now this code works, but doesn’t properly handle control characters nor can it handle more than about 12-15 characters at once. I’m working on the code for a UART based protocol that properly handles receiving data, typing it on the remote device, etc.

Excited by the options, I debated building a simple board containing a BLE chip and an ATMEGA32u4 (the same one used in the Leonardo.) While I’m still working on this for practical purposes, right now I’d point to 3 other projects that have appeared in the past week:

  • Babuino – This is an interesting implementation, offering a simple stick device, or a breakout style board. You also have the option of traditional Bluetooth (easy for Android or desktop devices) as well as BLE (iPhone / iPad / newer Macs, etc)
  • BLEDuino – This is almost exactly what I envisioned designing with a very open firmware.
  • BLE-Duino – An integrated version of Dr Kroll’s BLE-Shield with an ATMEGA32u4. This is built with the typical Arduino shield format allowing interfacing to pretty much any Arduino shield. This is still in early design, but bears mentioning here.

All of these devices are capable of what I’m describing here and could very easily implement any firmware or apps written to support it. I’ll have more details soon on making these devices usable in this fashion.