Bringing Back the 1-Port Router

Ok, now I need to set up a Raspberry Pi 1-Port Router.  I know how to accomplish this (see the article here), I just have to go through the motions to implement it.  Strange - I am on SD052; I'm going to have to quit buying these things and start reusing the ones that I already have.  The setup was as follows:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install vlan shorewall

Then to get webmin setup and running, I did the following:

I added to /etc/apt/sources.list -

deb http://download.webmin.com/download/repository sarge contrib

I then got the key for the webmin repository -

sudo wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc

I then installed webmin -

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
sudo apt-get install webmin

I am going to use the 1-Port Router to connect between three different vlans, vlan4, vlan6, and vlan8.  Webmin will be used to setup the routing functions on Shorewall so that I can do the following:

1. Have a firewall facing out towards vlan4 from vlan6; supply dhcp services to vlan4; allow only traffic from the Mac Mini to vlan4 from vlan6; and provide a one-to-one NAT ip from my WD MyCloud onto vlan4.
2. Have a firewall facing out towards vlan8 from vlan6; supply dhcp services to vlan8; allow only traffic from the Mac Mini to vlan8 from vlan6; and provide a one-to-one NAP ip from my ubuntuServer VM cluster.

I am going to accomplish this by the following setup (TBD).

Thinking about distributing the network servers

I have been reading up on openvswitch, openflow, and docker and it occurs to me that I might want to take advantage of some of the concepts available to me.  I have a VM Server currently that pretty much limits things to the KVM world, each connected to a specific bridge to a hardware port.  Those hardware ports in turn are connected to a managed switch.  I can do a lot with this setup but I can do better.

One thing that I want to do is distribute the data plane between different VMs and allow for usage of different file servers across my network.  I have plenty of space available to me for various files but because of the need to distribute the VMs between different vlans it becomes more difficult without having several hardware routers in the network.  I want to use SDN and openvswitch to be able to spread the VM connections around to places that I need them as well as give myself the ability to access any device that I want to.  So how would I go about doing this?  I have decided to use openvswitch to spread the network access plane around my house without changing the physical network layout of routers and switches.  I will instead go the virtual route and apply some Software Defined Network (SDN) concepts.

More Later.

Project #11 - Use SDN and OpenVSwitch to connect VMs across the Network No-Mans Land

I have been studying up on software define networks and have been looking at OpenVSwitch as a means to run GRE connections across the No-Mans Land vlan.

Cluster #3 - Rearranged the Cluster for Experimentation

One of the issues that I have fixed is how to take each one of the RPis in the Cluster and be able to independently move them from one location to another.  I was able to achieve this by the use of a Netgear 116E 16-port managed switch.  Since I have 4 RPis in the cluster, I took up 8 ports on the switch and managed to be able to move things around at my convenience.  This was evident when I decided to take .101 and tie it to the same vlan as .100.  However, in this case I started up an openVPN setup following the instructions at https://github.com/StarshipEngineer/OpenVPN-Setup.  By having .101 on the switch, I was able to easily move the head from the LAN1 vlan to the CEH input vlan.  Now I can setup the openVPN independently from what I was intending on doing with .100.

Another interesting tidbit was that I was able to hook up the PowerLine adapter to the No-MansLand vlan in another area in my house and connect to it via the other PowerLine adapter on my front porch.  So I was able to do some updates to the RPi while sitting on my porch - and No-MansLand vlan was separated from the outside world.  Now what I want to be able to do is access specific vlans from outside using a double IPSec encryption setup.  More later.

Tips #0 - Wow - Amazing Find to Convert VMWare to KVM

I just happened to have enough time over the weekend to look around for some ways to convert from multiple VMWare vmdks to qcow2 and I stumbled across this site.  Now that I have found this site I can go about getting some of my VMs into a KVM setup.  The bash code that I am using is:

#!/bin/bash

for i in *.vmdk; do qemu-img convert -f vmdk $i -O raw $i.raw; done
cat *.raw > tmpImage.raw
qemu-img convert tmpImage.raw finalImage.qcow2
rm *.raw

I cant tell you how much I needed to find this in order to ease the process.  Thanks to Kees Cook and muru for the code.

Also found this to convert spaces in names to underscores:

for f in *\ *; do mv "$f" "${f// /_}"; done

Update: I spent a good portion of the day converting VMWare VMs to qcow2 and then to KVM images.  Life is once again good to me.  I was able to get a number of different VMs related to Penetration Testing completed as well as set up a bridge that could be used for the same.

Weather Station Project #27 - Took some samples through material

This morning I was out in the yard setting up an experiment.  I connected the Solar Radiation/UV Sensor setup to a POE enabled cable connected to a Ethernet over Power Line adapter.  The other Power Line adapter I plugged into my computer downstairs in the computer room.  This adapter was plugged into a Pers VLAN connector on one of my GS108Ts.  By doing this, I was able to connect to the sensor setup using my laptop on the porch through wi-fi.  I am going to leave the connection downstairs so that I will be able to use the Power Line adapter in other VLANS as necessary.  It was neat to get it working.  Here is a picture of the parts on my porch table.

The values of the data that I took was as follows:

results with no cover in bright sunlight

{ "tslLUX":"65536.00", "uvVIS":"1677.00", "uvIR":"13354.00", "uvUVRaw":"761.00", "uvUV":"7.61" }

reading from site was 12.0 for UV

Kingstowne says 7.4 UV, 835 watts/m^2

results with plastic cover in bright sunlight

{ "tslLUX":"65536.00", "uvVIS":"1594.00", "uvIR":"12876.00", "uvUVRaw":"716.00", "uvUV":"7.16" }

results with polycarbonate in bright sunlight

{ "tslLUX":"65536.00", "uvVIS":"1600.00", "uvIR":"13228.00", "uvUVRaw":"720.00", "uvUV":"7.20" }

Kingstowne says 6.9 UV, 796 watts/m^2

results with soda glass in bright sunlight

{ "tslLUX":"65536.00", "uvVIS":"1627.00", "uvIR":"12333.00", "uvUVRaw":"734.00", "uvUV":"7.34" }

Kingstowne says 7.2 UV, 833 watts/m^2

results in the shade with no cover

{ "tslLUX":"2152.00", "uvVIS":"312.00", "uvIR":"962.00", "uvUVRaw":"30.00", "uvUV":"0.30" }

{ "tslLUX":"2168.00", "uvVIS":"315.00", "uvIR":"976.00", "uvUVRaw":"31.00", "uvUV":"0.31" }

Kingstowne says 6.7 UV, 817 watts/m^2

This UV data shows a loss of about 5 and a half percent in the visible spectrum, 4 and a half percent considering the IR spectrum.  The overall percent difference between my local site and the site that I am using for calibration appears to be about 2.8 percent; my value is higher.  The distance between us is about 4.13 miles so I have been assuming that the values should be about the same.

According to this data, I should not have a problem if I used the lid to my sandwich container (plastic cover in the test).  I just have to compensate for the loss; there doesn't appear to be a loss associated with the UV sensitivity as far as I can tell.  So I should multiply my UV readings by 1.0628 to get the same as the Kingstowne values?  I should multiply my uvVIS values by 0.4979 to get the watts/m^2 equivalent to the values from the site where I am comparing my values.

Weather Station Project #26 - Some more thoughts

After looking through the raw data from my sensor, I discovered a number of points where the data was "pegged".  The only thing that I can think of is that the integration time on the sensor was set too high.  This is going to require me to redo the sketch that was loaded onto the Arduino.  Thinking more about this, I should also attempt to get the final packaging completed for the sensor setup.  This means a package that is waterproof and uses POE to power it so that I have but one cable from the POE source to the sensor package.  I already have the packaging and I have a few POE splitters on order that will work well with this setup.  Now I need to come up with the final specifics.

The list of parts (from here) with some modifications are:

• Raspberry Pi B+
• Arduino Uno
• Arduino Ethernet Shield
• Arduino Proto Board Shield
• TP-Link TL-POE10R PoE Splitter w/power connector cable
• Power splitter cable (1 female to 4 males - 5.5mm x 2.1mm)
• Power adapter plug (1 female 5.5mm x 2.1mm to ISO block)
• Power plug 5.5mm x 2.1mm to micro USB cable
• Ethernet socket adapter (for mounting on wall of sandwich box)
• Clear sandwich box (see-through for RPi camera)
• RTV to pot up the holes so that water can't get in
• Mounting platform and hardware to mount sandwich box on outside

The Raspberry Pi is used to sample from the Arduino.  I have proven that I can set up a web service on the Arduino, so accessing it from within my network is a no brainer.  I have also proven that I can write a python script which is able to sample both from the Arduino based sensor set and from a Weather Underground station with the sensors that I am trying to emulate.  Ultimately the extra sensor base will include:

• Lightning sensor 
• Moisture sensor (Transpiration) 
• UV monitoring sensor
• Solar radiation sensor

I have the parts for the Moisture sensor but I am missing the lightning sensor parts.  Not sure where to find that.

Update: I got in some POE splitters yesterday so I will probably be building up the package over this weekend.  Right now I am just going to use the plastic lid.  Will need to get a crystal glass lid so that it will pass UVA and UVB through.  I don't think that UVB will be able to pass through the lid at this point.