USB Networking/zh tw

From Openmoko

(Difference between revisions)
Jump to: navigation, search
(Red Hat 或類似套件(在 Workstation 5下測試))
(Gentoo)
Line 158: Line 158:
  
 
=== Gentoo ===
 
=== Gentoo ===
* Open /etc/conf.d/net and add:
+
* 開啟 /etc/conf.d/net 並且加入add:
 
  # Neo1973
 
  # Neo1973
 
  config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
 
  config_usb0=( "192.168.0.200 netmask 255.255.255.0" )

Revision as of 09:34, 24 June 2008

Contents

Neo1973 side

命名方式

預設的狀況下Neo1973擁有usb0界面,被編譯到kernel中,做為乙太網路裝置。 在Neo上,如果你想要在網路上使用完整的主機名稱,你必須定義你的DNS server。建立 /etc/resolv.conf檔案,檔案中要包含以下的內容:

nameserver xxx.xxx.xxx.xxx

e.g. nameserver 192.168.1.1

因此,你也可以輕鬆的使用 "ipkg update && ipkg upgrade" 更新 Neo.

更好的方法是編輯: /etc/network/interfaces 並且寫入以下的內容:

up echo nameserver 192.168.0.200 >/etc/resolv.conf
要指定你喜好的DNS server而不是192.168.0.200。

example: up echo nameserver 4.2.2.2 >/etc/resolv.conf


另一個方法是symlink (NOW OBSOLETE?)

ln -s /var/run/resolv.conf /etc/resolv.conf

並且在啟動 /etc/network/if-up.d/08setupdns script中寫入:

#!/bin/sh -e
echo  nameserver 192.168.0.200 > /var/run/resolv.conf

使用這個方法可以在撥號到GPRS時,正確的從ppp 軟體中處理。

Routing

你必須自額外的流量繞送到網際網路上。 若你的電腦是預設的目的地位置,這個流量可以透過你的電腦被繞送出去 (see below)。你可以使用下列方法達到這個目地:

gateway 192.168.0.200

在usb0區段中到 /etc/network/interfaces。

Desktop side

手動

在連接上了裝置之後,modprobe usbnet 模組及設定 usb0 介面 (以root身份):

ifconfig usb0 192.168.0.200 netmask 255.255.255.0

如果你的 eth0 介面位於同一個 '範圍' (e.g. 192.168.0.105) 則你可以進行下面的工作:

1. 以下列指令ping Neo裝置

# ping -I usb0 192.168.0.202

2. 為Neo加入route:

# /sbin/route add -host 192.168.0.202/32 dev usb0

3 登入 Neo

# ssh root@192.168.0.202

若你沒有必要的模組可以讓usb0 運作,請確定你啟用了以下的kernel選項:

  • CONFIG_USB_USBNET
  • CONFIG_USB_NET_CDCETHER

二個選項都可以啟動 Device Drivers -> USB support -> USB Network Adapters. For more info see the usbnet driver homepage.

自動化方法

Hotplugging usbnet 取得,由 Marcin 'Hrw' Juszkiewicz張貼。


Debian 或相似的系統

Edit /etc/network/interfaces:

allow-hotplug usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        post-up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -P FORWARD ACCEPT

Ubuntu (由Feisty、Gutsy 與Hardy測試)

Edit /etc/network/interfaces:

auto usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &
        up echo 1 > /proc/sys/net/ipv4/ip_forward &
        up iptables -P FORWARD ACCEPT &
        down iptables -D POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &

若你執行用手動的方式執行 echo 1 > /proc/... 指令,sudo 可能尚嫌不足,接著,你則可以自auso bash執行。

Ubuntu Feisty、Gutsy 及 Hardy 在未掛載時,ifdown 是有臭蟲的,也就是說,它只有在系統載入時可以執行。

這個臭蟲很久之前已回報給ubuntu。因此,不要將這個臭蟲夾檔,請在下列位置寫入備忘:https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437

One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:

SUBSYSTEM=="net", DRIVERS=="?*", GOTO="net_start"
GOTO="net_end"

LABEL="net_start"

# Bring devices up and down only if they're marked auto.
# Use start-stop-daemon so we don't wait on dhcp
ACTION=="add",          RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifup -- --allow auto $env{INTERFACE}"

LABEL="net_end"

ACTION=="remove",       RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifdown -- --allow auto $env{INTERFACE}"

臭蟲內容為LABEL="net_end" ,它被放在錯的地方。

SuSE

/etc/sysconfig/network/ifcfg-usb0

# USB configuration for PDAs (openmoko)
IPADDR=192.168.0.200
NETMASK=255.255.255.0
STARTMODE=onboot

Fedora (由FC8測試)

/etc/sysconfig/network-scripts/ifcfg-usb0

# USB configuration for PDAs (openmoko)
# from http://www.handhelds.org/moin/moin.cgi/UsbNet
DEVICE=usb0
BOOTPROTO=none
IPADDR=192.168.0.200
NETMASK=255.255.255.0
ONBOOT=yes

Red Hat 或類似套件(在 Workstation 5下測試)

編輯Edit /etc/sysconfig/network-scripts/net.hotplug:

在這個指令之後

    case $INTERFACE in
	# interfaces that are registered after being "up" (?)

加入

	usb0)
		ifconfig usb0 192.168.0.200 netmask 255.255.255.0
		route add 192.168.0.202 usb0
		iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
		iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
                iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
                echo 1 > /proc/sys/net/ipv4/ip_forward
		exit 0
	;;

Gentoo

  • 開啟 /etc/conf.d/net 並且加入add:
# Neo1973
config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
  • Create a new init script:
cd /etc/init.d
ln -s net.lo net.usb0
  • Put iptables into use:
iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
  • Store them
/etc/init.d/iptables save
  • If you want the routing by default:
rc-update add iptables default
  • You must also inform the kernel, to start forwarding. One way to automate this is to create /etc/conf.d/net.usb0 as follows
preup() {
       echo 1 > /proc/sys/net/ipv4/ip_forward
       return 0
}

postdown() {
       echo 0 > /proc/sys/net/ipv4/ip_forward
       return 0
}

This way, packet forwarding will be turned on when Neo is plugged in, and off when it's not.

MacOS X

See the USB Networking section in the MacOS X article.

Mobile development

Proxying DNS requests

If, like me, you move about quite a lot, connecting to various networks as you go and getting your ip via dhcp, you'll probably be annoyed at having to constantly update your resolv.conf on the Neo 1973.

To get round this, as part of my setup script, I run a proxy dns on the ip address the neo comes in on at the usb0 port. This means that my Neo /etc/resolv.conf only contains:

nameserver 192.168.0.200 

and my laptop will proxy all dns requests based on it's own /etc/resolv.conf

note that we only run the dns proxy on the usb0 interface so that we don't break any other networking

Proxying with dnrd

The script is designed to use dnrd as the dns proxy. The script and a copy of dnrd are available from my site. The script also performs the initial setup of the connection as per the USB_Networking#Manual_method above.

Proxying with a UDP forwarder

Another easy setup is using a udp forwarder like the one from http://www.tapor.com/udpf/ - is use it with the command

udpf-elf\
       -p=53\
       -f=`cat /etc/resolv.conf|awk '$1 == "nameserver"{print $2; exit(0);}'`:53

Proxying with iptables

Its is possible to forward DNS requests with iptables using the DNAT target

iptables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1

where 192.168.0.1 is the IP of your residential gateway (router). This is the easiest method, but its not recommended if you have a direct connection to the Internet as ISP DNS servers can change, and this does no load-balancing.

Connecting to phone

Then ssh root@192.168.0.202 with empty password to get into phone.

NOTE: the ssh daemon (dropbear 0.49) on the OpenMoko appears to have a bug when sending the exit status back to the client. From time to time you receive an exit status of 255.

SSH Extras

If you get fed up with typing root@192.168.0.202, on your PC edit /etc/hosts and add an entry for 'phone'

192.168.0.202 phone

then edit ~/.ssh/config (or create it) and add

host phone
user root

then all you need to do is type

# ssh phone

To avoid ssh added a new line for every ssh host-key to you known_hosts you can add the following to the phone section in ~/.ssh/config

 UserKnownHostsFile /dev/null

You might want to use keys to bypass the login prompt too.

SSH Keys

From host to phone

To generate ssh keys for use as a login mechanism type

ssh-keygen -t rsa

when prompted for a password either hit enter for no password (not really a good idea) or enter a password for this key. ssh into the phone and create ~/.ssh

# mkdir ~/.ssh

then from your PC copy the .pub file to the phone.

# scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys

You should now be able to ssh directly into the phone.

To disable password logins (after setting up key access) edit /etc/init.d/dropbear and change the following line:

DROPBEAR_EXTRA_ARGS=

to

DROPBEAR_EXTRA_ARGS="-s"

You will need to restart dropbear for this to take effect.

From phone to host

Generate the key

 dropbearkey -t rsa -f id_rsa

The output will look something like this:

 Will output 1024 bit rsa secret key to 'id_rsa'
 Generating key, this may take a while...
 Public key portion is:
 ssh-rsa AAAAB3Nza[...]
 Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8

Copy and paste the one line (in this example, starting with 'ssh-rsa' onto the end of the host's authorized_keys file (often in ~/.ssh/).

From the phone, ssh with -i:

 ssh -i id_rsa user@host

This works for me. I ripped off these instructions from: [[1]]

GUI on desktop through SSH

If you need to get the GUI on the phone onto the desktop via usb, you can use ssh as follows

 ssh -l root -X -v 192.168.0.202

Login, and run openmoko-finger-demo for example, and it will open up on the desktop. To get landscape view, just resize the GUI window on the desktop.

Remote apps on neo

To get desktop apps to show up on your neo, first log in to the phone

 ssh -l root 192.168.0.202

Then once inside, run:

 DISPLAY=:0 xhost +192.168.0.200

After this you can close the ssh session. Back on the desktop computer, run:

 DISPLAY=moko:0 xclock

Note that the xhost command will allow remote applications on 192.168.0.200 to access the X server. It will allow anyone on the desktop machine to access the X server of the neo, including snooping anything you type on it. To disallow remote applications again, run this in the neo:

 DISPLAY=:0 xhost -192.168.0.200

Personal tools

Neo1973 side

命名方式

預設的狀況下Neo1973擁有usb0界面,被編譯到kernel中,做為乙太網路裝置。 在Neo上,如果你想要在網路上使用完整的主機名稱,你必須定義你的DNS server。建立 /etc/resolv.conf檔案,檔案中要包含以下的內容:

nameserver xxx.xxx.xxx.xxx

e.g. nameserver 192.168.1.1

因此,你也可以輕鬆的使用 "ipkg update && ipkg upgrade" 更新 Neo.

更好的方法是編輯: /etc/network/interfaces 並且寫入以下的內容:

up echo nameserver 192.168.0.200 >/etc/resolv.conf
要指定你喜好的DNS server而不是192.168.0.200。

example: up echo nameserver 4.2.2.2 >/etc/resolv.conf


另一個方法是symlink (NOW OBSOLETE?)

ln -s /var/run/resolv.conf /etc/resolv.conf

並且在啟動 /etc/network/if-up.d/08setupdns script中寫入:

#!/bin/sh -e
echo  nameserver 192.168.0.200 > /var/run/resolv.conf

使用這個方法可以在撥號到GPRS時,正確的從ppp 軟體中處理。

Routing

你必須自額外的流量繞送到網際網路上。 若你的電腦是預設的目的地位置,這個流量可以透過你的電腦被繞送出去 (see below)。你可以使用下列方法達到這個目地:

gateway 192.168.0.200

在usb0區段中到 /etc/network/interfaces。

Desktop side

手動

在連接上了裝置之後,modprobe usbnet 模組及設定 usb0 介面 (以root身份):

ifconfig usb0 192.168.0.200 netmask 255.255.255.0

如果你的 eth0 介面位於同一個 '範圍' (e.g. 192.168.0.105) 則你可以進行下面的工作:

1. 以下列指令ping Neo裝置

# ping -I usb0 192.168.0.202

2. 為Neo加入route:

# /sbin/route add -host 192.168.0.202/32 dev usb0

3 登入 Neo

# ssh root@192.168.0.202

若你沒有必要的模組可以讓usb0 運作,請確定你啟用了以下的kernel選項:

  • CONFIG_USB_USBNET
  • CONFIG_USB_NET_CDCETHER

二個選項都可以啟動 Device Drivers -> USB support -> USB Network Adapters. For more info see the usbnet driver homepage.

自動化方法

Hotplugging usbnet 取得,由 Marcin 'Hrw' Juszkiewicz張貼。


Debian 或相似的系統

Edit /etc/network/interfaces:

allow-hotplug usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        post-up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -P FORWARD ACCEPT

Ubuntu (由Feisty、Gutsy 與Hardy測試)

Edit /etc/network/interfaces:

auto usb0
iface usb0 inet static
        address 192.168.0.200
        netmask 255.255.255.0
        network 192.168.0.0
        up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &
        up echo 1 > /proc/sys/net/ipv4/ip_forward &
        up iptables -P FORWARD ACCEPT &
        down iptables -D POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24 &

若你執行用手動的方式執行 echo 1 > /proc/... 指令,sudo 可能尚嫌不足,接著,你則可以自auso bash執行。

Ubuntu Feisty、Gutsy 及 Hardy 在未掛載時,ifdown 是有臭蟲的,也就是說,它只有在系統載入時可以執行。

這個臭蟲很久之前已回報給ubuntu。因此,不要將這個臭蟲夾檔,請在下列位置寫入備忘:https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/130437

One can patch /etc/udev/rules.d/85-ifupdown.rules, editing the two lines at the end of the file:

SUBSYSTEM=="net", DRIVERS=="?*", GOTO="net_start"
GOTO="net_end"

LABEL="net_start"

# Bring devices up and down only if they're marked auto.
# Use start-stop-daemon so we don't wait on dhcp
ACTION=="add",          RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifup -- --allow auto $env{INTERFACE}"

LABEL="net_end"

ACTION=="remove",       RUN+="/sbin/start-stop-daemon --start --background --pidfile /var/run/network/bogus --startas /sbin/ifdown -- --allow auto $env{INTERFACE}"

臭蟲內容為LABEL="net_end" ,它被放在錯的地方。

SuSE

/etc/sysconfig/network/ifcfg-usb0

# USB configuration for PDAs (openmoko)
IPADDR=192.168.0.200
NETMASK=255.255.255.0
STARTMODE=onboot

Fedora (由FC8測試)

/etc/sysconfig/network-scripts/ifcfg-usb0

# USB configuration for PDAs (openmoko)
# from http://www.handhelds.org/moin/moin.cgi/UsbNet
DEVICE=usb0
BOOTPROTO=none
IPADDR=192.168.0.200
NETMASK=255.255.255.0
ONBOOT=yes

Red Hat 或類似套件(在 Workstation 5下測試)

編輯Edit /etc/sysconfig/network-scripts/net.hotplug:

在這個指令之後

    case $INTERFACE in
	# interfaces that are registered after being "up" (?)

加入

	usb0)
		ifconfig usb0 192.168.0.200 netmask 255.255.255.0
		route add 192.168.0.202 usb0
		iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
		iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
                iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
                echo 1 > /proc/sys/net/ipv4/ip_forward
		exit 0
	;;

Gentoo

  • Open /etc/conf.d/net and add:
# Neo1973
config_usb0=( "192.168.0.200 netmask 255.255.255.0" )
routes_usb0=( "192.168.0.202/32 via 192.168.0.200" )
  • Create a new init script:
cd /etc/init.d
ln -s net.lo net.usb0
  • Put iptables into use:
iptables -I INPUT 1 -s 192.168.0.202 -j ACCEPT
iptables -I OUTPUT 1 -s 192.168.0.200 -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.0.0/24
  • Store them
/etc/init.d/iptables save
  • If you want the routing by default:
rc-update add iptables default
  • You must also inform the kernel, to start forwarding. One way to automate this is to create /etc/conf.d/net.usb0 as follows
preup() {
       echo 1 > /proc/sys/net/ipv4/ip_forward
       return 0
}

postdown() {
       echo 0 > /proc/sys/net/ipv4/ip_forward
       return 0
}

This way, packet forwarding will be turned on when Neo is plugged in, and off when it's not.

MacOS X

See the USB Networking section in the MacOS X article.

Mobile development

Proxying DNS requests

If, like me, you move about quite a lot, connecting to various networks as you go and getting your ip via dhcp, you'll probably be annoyed at having to constantly update your resolv.conf on the Neo 1973.

To get round this, as part of my setup script, I run a proxy dns on the ip address the neo comes in on at the usb0 port. This means that my Neo /etc/resolv.conf only contains:

nameserver 192.168.0.200 

and my laptop will proxy all dns requests based on it's own /etc/resolv.conf

note that we only run the dns proxy on the usb0 interface so that we don't break any other networking

Proxying with dnrd

The script is designed to use dnrd as the dns proxy. The script and a copy of dnrd are available from my site. The script also performs the initial setup of the connection as per the USB_Networking#Manual_method above.

Proxying with a UDP forwarder

Another easy setup is using a udp forwarder like the one from http://www.tapor.com/udpf/ - is use it with the command

udpf-elf\
       -p=53\
       -f=`cat /etc/resolv.conf|awk '$1 == "nameserver"{print $2; exit(0);}'`:53

Proxying with iptables

Its is possible to forward DNS requests with iptables using the DNAT target

iptables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1

where 192.168.0.1 is the IP of your residential gateway (router). This is the easiest method, but its not recommended if you have a direct connection to the Internet as ISP DNS servers can change, and this does no load-balancing.

Connecting to phone

Then ssh root@192.168.0.202 with empty password to get into phone.

NOTE: the ssh daemon (dropbear 0.49) on the OpenMoko appears to have a bug when sending the exit status back to the client. From time to time you receive an exit status of 255.

SSH Extras

If you get fed up with typing root@192.168.0.202, on your PC edit /etc/hosts and add an entry for 'phone'

192.168.0.202 phone

then edit ~/.ssh/config (or create it) and add

host phone
user root

then all you need to do is type

# ssh phone

To avoid ssh added a new line for every ssh host-key to you known_hosts you can add the following to the phone section in ~/.ssh/config

 UserKnownHostsFile /dev/null

You might want to use keys to bypass the login prompt too.

SSH Keys

From host to phone

To generate ssh keys for use as a login mechanism type

ssh-keygen -t rsa

when prompted for a password either hit enter for no password (not really a good idea) or enter a password for this key. ssh into the phone and create ~/.ssh

# mkdir ~/.ssh

then from your PC copy the .pub file to the phone.

# scp ~/.ssh/id_rsa.pub phone:.ssh/authorized_keys

You should now be able to ssh directly into the phone.

To disable password logins (after setting up key access) edit /etc/init.d/dropbear and change the following line:

DROPBEAR_EXTRA_ARGS=

to

DROPBEAR_EXTRA_ARGS="-s"

You will need to restart dropbear for this to take effect.

From phone to host

Generate the key

 dropbearkey -t rsa -f id_rsa

The output will look something like this:

 Will output 1024 bit rsa secret key to 'id_rsa'
 Generating key, this may take a while...
 Public key portion is:
 ssh-rsa AAAAB3Nza[...]
 Fingerprint: md5 ca:e8:f0:b7:f6:7b:c2:b6:b9:71:e4:45:86:a9:ff:b8

Copy and paste the one line (in this example, starting with 'ssh-rsa' onto the end of the host's authorized_keys file (often in ~/.ssh/).

From the phone, ssh with -i:

 ssh -i id_rsa user@host

This works for me. I ripped off these instructions from: [[1]]

GUI on desktop through SSH

If you need to get the GUI on the phone onto the desktop via usb, you can use ssh as follows

 ssh -l root -X -v 192.168.0.202

Login, and run openmoko-finger-demo for example, and it will open up on the desktop. To get landscape view, just resize the GUI window on the desktop.

Remote apps on neo

To get desktop apps to show up on your neo, first log in to the phone

 ssh -l root 192.168.0.202

Then once inside, run:

 DISPLAY=:0 xhost +192.168.0.200

After this you can close the ssh session. Back on the desktop computer, run:

 DISPLAY=moko:0 xclock

Note that the xhost command will allow remote applications on 192.168.0.200 to access the X server. It will allow anyone on the desktop machine to access the X server of the neo, including snooping anything you type on it. To disallow remote applications again, run this in the neo:

 DISPLAY=:0 xhost -192.168.0.200