Category: Hardware

Categories
Hardware Linux Networking Software

Resilio Sync on Synology stuck?

resilio sync

The Resilio Sync package that’s provided on a Synology NAS’ Packager Center is out of date (2.6.2) and has a bug that causes big files to fail to sync (and that causes a loop of endless retries).

The solution is to manually update the package from 2.6.2 to 2.6.4. Find your NAS architecture and then download (bottom of the page) the right binary and manually install it.

Note that you need to stop the Resilio Sync service running (manually stop it via Package Center) before uploading the package and installing it.

Once done, don’t forget to manually start the service again.

Resilio Sync GUI will be at <NAS IP>:28888/gui/.

The howto guide to manually update the package can be found here.

Categories
Hardware

Where to fly your drone

Now that I own a DJI Spark

Singapore:ย flywhere.sg.

World (not very detailed):ย foxnomad.com/2017/07/25/map-shows-drone-laws-every-country-world-updated-regularly

And also embedded here:

Categories
Hardware Linux Networking

Edgerouter IPsec tunnel to Fritzbox

So, I have an EdgeRouter Lite in Singapore (Starhub) and a FritzBox in Belgium (EDPnet).

This is mostly stuff that I have found from several articles, mostly from here.

ERL: eth0 is WAN, eth1 (10.60.111.0/24) and eth2 (unused, not VPN’ed) are LAN
FritzBoz: 192.168.1.0/24

This is the FritzBox config (go to VPN and them Import a config) fritzvpn.cfg:

vpncfg {
        connections {
                enabled = yes;
                conn_type = conntype_lan;
                name = "VPN Yeri";
                always_renew = yes;
                reject_not_encrypted = no;
                dont_filter_netbios = yes;
                localip = 0.0.0.0;
                local_virtualip = 0.0.0.0;
                remoteip = 0.0.0.0;
                remote_virtualip = 0.0.0.0;
                remotehostname = "erl.yeri.be";
                localid {
                        fqdn = "fritz.yeri.be";
                }
                remoteid {
                        fqdn = "erl.yeri.be";
                }
                mode = phase1_mode_idp;
                phase1ss = "all/all/all";
                keytype = connkeytype_pre_shared;
                key = "SOMEPASSWORD";
                cert_do_server_auth = no;
                use_nat_t = yes;
                use_xauth = no;
                use_cfgmode = no;
                phase2localid {
                        ipnet {
                                ipaddr = 192.168.1.0;
                                mask = 255.255.255.0;
                        }
                }
                phase2remoteid {
                        ipnet {
                                ipaddr = 10.60.111.0;
                                mask = 255.255.255.0;
                        }
                }
                phase2ss = "esp-all-all/ah-none/comp-all/pfs";
                accesslist = "permit ip any 10.60.111.0 255.255.255.0";
        }
        ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500", 
                            "udp 0.0.0.0:4500 0.0.0.0:4500";
}

Be sure to modify the password, local (Fritz) and remote (ERL) LAN and edit the local and remote fqdn.

This is the ERL config (via ssh, you’ll need to set this:

[email protected]# show vpn ipsec 
 auto-update 60
 auto-firewall-nat-exclude enable
 esp-group FOO0 {
     proposal 1 {
         encryption aes256
         hash sha1
     }
 }
 ike-group FOO0 {
     dead-peer-detection {
         action restart
         interval 60
         timeout 60
     }
     lifetime 3600
     proposal 1 {
         dh-group 2
         encryption aes256
         hash sha1
     }
 }
 ipsec-interfaces {
     interface eth0
 }
 nat-networks {
     allowed-network 0.0.0.0/0 {
     }
 }
 nat-traversal enable
 site-to-site {
     peer fritz.yeri.be {
         authentication {
             mode pre-shared-secret
             pre-shared-secret SOMEPASSWORD
         }
         connection-type initiate
         description "VPN to fritz.yeri.be"
         ike-group FOO0
         local-address erl.yeri.be
         tunnel 1 {
             esp-group FOO0
             local {
                 prefix 10.60.111.0/24
             }
             remote {
                 prefix 192.168.1.0/24
             }
         }
     }
 }

Status:

[email protected]:~$ show vpn ipsec status
IPSec Process Running PID: 20140

1 Active IPsec Tunnels

IPsec Interfaces :
        eth0    (no IP on interface statically configured as local-address for any VPN peer)
[email protected]:~$ show vpn ipsec sa
peer-be.yeri.be-tunnel-1: #9, ESTABLISHED, IKEv1, 85a2d010ada73113:ca439c40ac3bca06
  local  'erl.yeri.be' @ 116.87.x.y
  remote 'fritz.yeri.be' @ 109.236.x.y
  AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
  established 1592s ago, reauth in 1333s
  peer-fritz.yeri.be-tunnel-1: #1, INSTALLED, TUNNEL, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_1024
    installed 1592 ago, rekeying in 1200s, expires in 2009s
    in  c0bb652e, 1038032 bytes, 10726 packets,     0s ago
    out 8d5df3f5, 532685 bytes,  6062 packets,     0s ago
    local  10.60.111.0/24
    remote 192.168.1.0/24

I haven’t really figured out what no IP on interface statically configured as local-address for any VPN peer means yet though.

Next up: VLANs

Categories
Apple Hardware

Yard Sale: Macbook Pro late 2013

For sale due to getting a portable Macbook:

  • Late 2013 Macbook Pro (15.4″ Retina)
  • 2.3Ghz i7 (quad core + Hyper-Threading)
  • 16Gb RAM
  • 512Gb SSD
  • Intel Iris onboard GFX + Nvidia GeForce GT 750M PCEย GFX
  • BE-Azerty keyboard
  • โ‚ฌ2445,41 inย 28 October 2013
  • SUPER fast
  • Minor scratch in the back of the LCD
  • Minor (not very noticeable) corrosion at the right hand
  • Weird scratch “smear” in LCD display (only visible on white background; about 2x2cm; to be honest it’s not really visible)
  • Besides this very decent Macbook Pro, it has been used, but in veryย good shape for the extreme work it has committed. Taken care of this device as if it was my own child. And did I mention blazing fast?

Contact: [email protected]

Specs:

Processor 2.3GHz Quad-core Intel Core i7
Memory 16GB 1600MHz DDR3L SDRAM
Flash Storage 512GB Flash Storage
Apple Thunderbolt to Enet Adpt Apple Thunderbolt to Enet Adpt Apple Thunderbolt to FW Adptr No FireWire Adapter
Mini DisplayPort to VGA Adptr No VGA Adapter
Keyboard and Documentation Keyboard/User’s Guide(Z)-BEL Country Kit Country Kit-INT

Pictures:

IMG_20160823_010509

It’s a Macbook Pro !

IMG_20160823_010523

“Smear” above “AGE” (really hard to see)

IMG_20160823_010531

Scratch at the back (knocked it against a glass door at night in my old apartment)

IMG_20160823_010450

Corrosion at the right hand (not left, don’t ask why — probably because I use the touch pad all the time).

More info:

Screen Shot 2016-08-23 at 00.50.51

Screen Shot 2016-08-23 at 00.50.54

Screen Shot 2016-08-23 at 00.52.35

Screen Shot 2016-08-23 at 00.54.11Screen Shot 2016-08-23 at 00.54.28

Categories
Hardware Travel

Shenzhen