littlewhywhat / extrace


setup ethernet connection on startup #30

Open littlewhywhat opened 6 years ago

littlewhywhat commented 6 years ago

use information from these links:
https://itsfoss.com/how-to-find-what-devices-are-connected-to-network-in-ubuntu/
https://raspberrypi.stackexchange.com/questions/43560/raspberry-pi-3-eth0-wrongfully-named-enx
https://github.com/android-rpi/device_brcm_rpi3/issues/71
https://raspberrypi.stackexchange.com/questions/57464/ssh-connection-refused-via-ethernet-cable
https://serverfault.com/questions/475717/iptables-block-incoming-on-eth1-and-allow-all-from-eth0
https://serverfault.com/questions/244767/enable-iptables-on-one-interface

list commands to run on host and on remote, find a way to run them at startup - for example, put in init.rc

littlewhywhat commented 6 years ago

I ran on remote (ubuntu 14.04) the following (to revert if necessary)

echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth0", NAME="eth0"' > /etc/udev/rules.d/70-persistent-net.rules
sudo ip link set eth0 up
sudo ip route add default via 192.168.1.1 dev eth0
sudo ip addr add 192.168.1.11/24 dev eth0

while on host (raspberry pi):

sudo ip link set eth0 up
sudo ip route add default via 192.168.1.1 dev eth0
sudo ip addr add 192.168.1.10/24 dev eth0
# and something like that with iptables to accept input on eth0
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# probably
iptables -A INPUT -i eth0 -p all -j ACCEPT

littlewhywhat commented 6 years ago

I have no idea how these commands work... try ifconfig to understand a bit

littlewhywhat commented 6 years ago

using cheatsheet of RedHat for ip https://access.redhat.com/sites/default/files/attachments/rh_ip_command_cheatsheet_1214_jcs_print.pdf

command ip addr on adb shell through wifi:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether b8:27:eb:e4:d6:6b brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.17/24 brd 192.168.0.255 scope global wlan0
       valid_lft forever preferred_lft forever
    inet6 fe80::ba27:ebff:fee4:d66b/64 scope link 
       valid_lft forever preferred_lft forever
4: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether b8:27:eb:b1:83:3e brd ff:ff:ff:ff:ff:ff

So DOWN and NO-CARRIER... what is NO-CARRIER?

littlewhywhat commented 6 years ago

no info for NO-CARRIER so far

Trying to use:

ip link set eth0 up

littlewhywhat commented 6 years ago

trying this https://askubuntu.com/a/116680/347374

littlewhywhat commented 6 years ago

ip route shows linkdown

on rpi

10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.10 linkdown 

on ubuntu

10.0.0.0/24 dev enx00133b9cb36a  proto kernel  scope link  src 10.0.0.20 linkdown

littlewhywhat commented 6 years ago

what is this https://unix.stackexchange.com/questions/398810/default-route-with-linkdown?
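
An added example, not part of the original thread or the project's code: `NO-CARRIER` is what `ip` prints when an interface is administratively `UP` but the driver detects no signal on the cable, and the kernel marks that device's routes `linkdown` for the same reason. The functions `link_diagnose` and `linkdown_devs` are hypothetical helpers, and the sample text is constructed from the outputs quoted in the comments above.

```shell
#!/bin/sh
# Constructed samples: interface records and one route line taken from the
# `ip addr` and `ip route` outputs quoted in this thread.
ADDR_SAMPLE='2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.0.17/24 brd 192.168.0.255 scope global wlan0
4: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether b8:27:eb:b1:83:3e brd ff:ff:ff:ff:ff:ff'
ROUTE_SAMPLE='10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.10 linkdown'

# link_diagnose (hypothetical helper): `ip addr` text on stdin ->
# one line per interface: "<iface> <verdict> <first IPv4 or ->"
#   admin-down : UP flag absent (`ip link set <iface> up` changes this)
#   no-carrier : UP is set but the driver sees no signal on the wire
#   link-ok    : UP and LOWER_UP, the physical layer is established
link_diagnose() {
    awk '
    function emit() { if (name != "") print name, verdict, (addr == "" ? "-" : addr) }
    /^[0-9]+: / {
        emit()
        name = $2; sub(/:$/, "", name); sub(/@.*$/, "", name)
        flags = $3; gsub(/[<>]/, "", flags); flags = "," flags ","
        addr = ""
        if (flags !~ /,UP,/)               verdict = "admin-down"
        else if (flags ~ /,NO-CARRIER,/)   verdict = "no-carrier"
        else if (flags ~ /,LOWER_UP,/)     verdict = "link-ok"
        else                               verdict = "unknown"
        next
    }
    $1 == "inet" && addr == "" { addr = $2 }
    END { emit() }'
}

# linkdown_devs (hypothetical helper): `ip route` text on stdin ->
# devices that have at least one route the kernel marked linkdown
linkdown_devs() {
    awk '{ dev = ""; down = 0
           for (i = 1; i <= NF; i++) {
               if ($i == "dev") dev = $(i + 1)
               if ($i == "linkdown") down = 1
           }
           if (down && dev != "") print dev }' | sort -u
}

printf '%s\n' "$ADDR_SAMPLE" | link_diagnose
printf '%s\n' "$ROUTE_SAMPLE" | linkdown_devs
```

An interface reported as `no-carrier` cannot be fixed with `ip link set ... up`, addresses, routes or firewall rules; the cable, the peer's port or the adapter has to come up first.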

littlewhywhat commented 6 years ago

'$route' for ubuntu:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    600    0        0 wlp2s0
10.0.0.0        *               255.255.255.0   U     0      0        0 enx00133b9cb36a
link-local      *               255.255.0.0     U     1000   0        0 wlp2s0
192.168.0.0     *               255.255.255.0   U     600    0        0 wlp2s0

and for rpi

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 wlan0

littlewhywhat commented 6 years ago

it works through the router by assigning ip address to Raspberry Pi and router ip as gateway.

littlewhywhat commented 6 years ago

but after reboot it issues error no route to host

littlewhywhat commented 6 years ago

https://www.linuxquestions.org/questions/linux-networking-3/setting-up-a-direct-lan-between-2-pcs-358657/ after applying this without route command I get empty ping

littlewhywhat commented 6 years ago

I tried after to clean iptables with https://serverfault.com/questions/200635/best-way-to-clear-all-iptables-rules. doesn't work.

# flush all chains
iptables -F
iptables -t nat -F
iptables -t mangle -F
# delete all chains
iptables -X

littlewhywhat commented 6 years ago

etc/init contains all rc files... that is interesting

littlewhywhat commented 6 years ago

nmap -v -Pn 10.0.0.1

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-20 23:13 CEST
Initiating Parallel DNS resolution of 1 host. at 23:13
Completed Parallel DNS resolution of 1 host. at 23:13, 0.01s elapsed
Initiating Connect Scan at 23:13
Scanning 10.0.0.1 [1000 ports]
Connect Scan Timing: About 15.50% done; ETC: 23:16 (0:02:49 remaining)
Connect Scan Timing: About 30.50% done; ETC: 23:16 (0:02:19 remaining)
Stats: 0:01:19 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 39.00% done; ETC: 23:16 (0:02:04 remaining)
Connect Scan Timing: About 54.50% done; ETC: 23:16 (0:01:31 remaining)
Connect Scan Timing: About 69.50% done; ETC: 23:16 (0:01:01 remaining)
Connect Scan Timing: About 84.50% done; ETC: 23:16 (0:00:31 remaining)
Completed Connect Scan at 23:16, 201.30s elapsed (1000 total ports)
Nmap scan report for 10.0.0.1
Host is up.
All 1000 scanned ports on 10.0.0.1 are filtered

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 201.34 seconds

seems like ports are filtered

littlewhywhat commented 6 years ago

with adb shell running through wifi:

nmap -v -Pn -p 5555 10.0.0.1

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-20 23:26 CEST
Initiating Parallel DNS resolution of 1 host. at 23:26
Completed Parallel DNS resolution of 1 host. at 23:26, 0.03s elapsed
Initiating Connect Scan at 23:26
Scanning 10.0.0.1 [1 port]
Completed Connect Scan at 23:26, 2.00s elapsed (1 total ports)
Nmap scan report for 10.0.0.1
Host is up.
PORT     STATE    SERVICE
5555/tcp filtered freeciv

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds

littlewhywhat commented 6 years ago

there is some problem with firewall. if I could save iptables settings somehow...

littlewhywhat commented 6 years ago

using this:

iptables -A OUTPUT -j ACCEPT -m comment --comment "Accept all outgoing"
iptables -A INPUT -j ACCEPT -m comment --comment "Accept all incoming"

I have this:

# iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             /* Accept all incoming */

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             /* Accept all outgoing */

littlewhywhat commented 6 years ago

still doesn't work - seems like iptables is not restarted and there is no script to do so with restart.
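
An added example, not from the original thread or the project: `iptables -L` without `-v` hides the interface column, so this sketch audits `iptables -S` output instead and flags INPUT rules that accept everything, next to one rule narrowed to a single peer and port. `audit_input` is a hypothetical helper; the sample ruleset is constructed from rules quoted in the thread, and the peer address 10.0.0.20 with adb port 5555 is assumed as the intended scope.

```shell
#!/bin/sh
# Constructed sample in `iptables -S` format: the two accept-all rules from
# this thread, the eth0 rules sketched in an earlier comment, and one narrowly
# scoped rule (peer 10.0.0.20 and tcp/5555 are assumptions for illustration).
RULES_SAMPLE='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m comment --comment "Accept all incoming" -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.20/32 -i eth0 -p tcp -m tcp --dport 5555 -j ACCEPT
-A OUTPUT -m comment --comment "Accept all outgoing" -j ACCEPT'

# audit_input (hypothetical helper): `iptables -S` text on stdin ->
# one finding per risky INPUT line
#   policy-accept : chain default is ACCEPT, unmatched packets are let in
#   accept-any    : rule accepts every packet on every interface
#   accept-iface  : rule accepts every packet arriving on one interface
# Limitation: words inside a --comment string are scanned like any other token.
audit_input() {
    awk '
    $1 == "-P" && $2 == "INPUT" && $3 == "ACCEPT" { print "policy-accept INPUT"; next }
    $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
        iface = ""; narrowed = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i + 1)
            if ($i == "-s" || $i == "-p" || $i == "--dport" ||
                $i == "--state" || $i == "--ctstate")
                narrowed = 1
        }
        if (narrowed) next
        if (iface == "") print "accept-any INPUT"
        else             print "accept-iface INPUT " iface
    }'
}

printf '%s\n' "$RULES_SAMPLE" | audit_input
```

On a live system the input would come from `iptables -S` run as root; with the accept-all rule in place, the adb port is reachable from the Wi-Fi side as well as from the direct Ethernet peer.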

littlewhywhat commented 6 years ago

there is a FirewallController.cpp in system/netd/server folder. it has some methods to enable firewall

littlewhywhat commented 6 years ago

https://github.com/ukanth/afwall/wiki/IPtables

littlewhywhat commented 6 years ago

so it's somehow with netd service that I should modify somehow