The list of available wifi channels is slightly different from country to country. To ensure access to the right channels and transmit power settings, one needs to set the right regulatory domain in the wifi stack.
Linux
For most Linux-based computers, you can look and change the current regulatory domain using these commands:
iw reg get
iw reg set CA
where CA
is the two-letter country code
when the device is located.
On Debian and Ubuntu, you can make this setting permanent by putting the
country code in /etc/default/crda
.
Finally, to see the list of channels that are available in the current config, use:
iwlist wlan0 frequency
OpenWRT
On OpenWRT-based routers (including derivatives like
Gargoyle), looking and setting the
regulatory domain temporarily works the same way (i.e. the iw
commands
above).
In order to persist your changes though, you need to use the uci command:
uci set wireless.radio0.country=CA
uci set wireless.radio1.country=CA
uci commit wireless
where wireless.radio0
and wireless.radio1
are the wireless devices
specific to your router. You can look them up using:
uci show wireless
To test that it worked, simply reboot the router and then look at the selected regulatory domain:
iw reg get
Scanning the local wifi environment
Once your devices are set to the right country, you should scan the local environment to pick the least congested wifi channel. You can use the Kismet spectools if you have the hardware, otherwise WiFi Analyzer is a good choice on Android.
While the Bluray digital restrictions management system is a lot more crippling than the one preventing users from watching their legally purchased DVDs, it is possible to decode some Bluray discs on Linux using vlc.
First of all, install the required packages as root:
apt install vlc libaacs0 libbluray-bdj libbluray1
mkdir /usr/share/libbluray/
ln -s /usr/share/java/libbluray-0.5.0.jar /usr/share/libbluray/libbluray.jar
The last two lines are there to fix an error you might see on the console when opening a Bluray disc with vlc:
libbluray/bdj/bdj.c:249: libbluray.jar not found.
libbluray/bdj/bdj.c:349: BD-J check: Failed to load libbluray.jar
and is apparently due to a bug in libbluray.
Then, as a user, you must install some AACS decryption keys. The most interesting source at the moment seems to be labDV.com:
mkdir ~/.config/aacs
cd ~/.config/aacs
wget http://www.labdv.com/aacs/KEYDB.cfg
but it is still limited in the range of discs it can decode.
In order to investigate a bug I was running into, I recently had to give my colleague ssh access to my laptop behind a firewall. The easiest way I found to do this was to create an account for him on my laptop, and setup a pagekite frontend on my personal server and a pagekite backend on my laptop.
Frontend setup
Setting up my server in order to make the ssh service accessible and proxy the traffic to my laptop was fairly straightforward.
First, I had to install the
pagekite package (already in
Debian and Ubuntu) and open up a port on my firewall by adding the following
to both /etc/network/iptables.up.rules
and
/etc/network/ip6tables.up.rules
:
-A INPUT -p tcp --dport 10022 -j ACCEPT
Then I created a new CNAME
for my server in DNS:
pagekite.fmarier.org. 3600 IN CNAME fmarier.org.
With that in place, I started the pagekite frontend using this command:
pagekite --clean --isfrontend --rawports=virtual --ports=10022 --domain=raw:pagekite.fmarier.org:Password1
Backend setup
After installing the pagekite and openssh-server packages on my laptop and creating a new user account:
adduser roc
I used this command to connect my laptop to the pagekite frontend:
pagekite --clean --frontend=pagekite.fmarier.org:10022 --service_on=raw/22:pagekite.fmarier.org:localhost:22:Password1
Client setup
Finally, my colleague needed to add the folowing entry to ~/.ssh/config
:
Host pagekite.fmarier.org
CheckHostIP no
ProxyCommand /bin/nc -X connect -x %h:10022 %h %p
and install the netcat-openbsd package since other versions of netcat don't work.
On Fedora, we used netcat-openbsd-1.89 successfully, but this newer package may also work.
He was then able to ssh into my laptop via ssh [email protected]
.
Making settings permanent
I was initially quite happy settings things up temporarily on the command-line, but it's also possible to persist these settings and to make both the pagekite frontend and backend start up automatically) at boot.
I ended up putting the following in /etc/pagekite.d/20_frontends.rc
on my
server:
#defaults
isfrontend
rawports=virtual
ports=10022
domain=raw:pagekite.fmarier.org:Password1
as well as removing the following lines from /etc/pagekite.d/10_account.rc
:
# Delete this line!
abort_not_configured
before restarting the pagekite daemon using:
systemctl restart pagekite
Using mosh and pagekite
Mosh is a nice way to interface with ssh over high-latency netowrks. However, it's not possible to tunnel mosh directly through pagekited since pagekite only supports TCP.
I ended up with a hybrid setup where I don't have to expose the ssh service to the local network (and therefore remember to disable it when I'm done) but I do have to open a UDP port on my firewall for mosh.
First, I assigned a stable IP to my laptop on my router, based on its MAC address. I also had to disable MAC address spoofing in Network Manager (setting it to permanent).
This is what my /etc/NetworkManager/system-connections/Ethernet automatique
config looks like:
[ethernet]
cloned-mac-address=preserve
[ipv4]
method=auto
[ipv6]
addr-gen-mode=stable-privacy
ip6-privacy=2
method=auto
Then I forwarded port 9000 (UDP) traffic to the static IP address above.