Azure - Fritz!Box: Site-to-Site VPN connection

Details
Published: 23 May 2018

If you do own a FRITZ!Box, it is fairly simple to setup a Site-to-Site VPN connection to your Azure virtual network.
This article will walk you through all steps using the GUI (2018.05.23)

By the way, you might want to change the default FRITZ!Box subnet (192.168.178.0/24) to something else e.g. (192.168.111.0/24), otherwise this tutorial might not work as your FRITZ!Box will prevent some required changes.

 

 

First Step: Create a "Virtual Network"

Create a "Virtual Network" in Azure with an address space of e.g. 10.3.0.0/16 and a default subnet of e.g. 10.3.0.0/24 which must not overlap with your network at home (e.g. 10.0.0.0/24).
Lets name the VNET "A2H-VNET" and the default Subnet "A2H-Default-Subnet"

Within this VNET, create another subnet, a "Gateway subnet". Again, this must not overlap with your home network or the default subnet "A2H-Default-Subnet". Since we only need this subnet to hold "Virtual Network Gateway" IP, we can use a e.g. 29 subnet. Something like this: 10.3.1.0/29

Once this has been created, the VNET "A2H-VNET" should look similar to this:

View after adding the "Virtual Network" Azure VNET with two subnets

Read more: Azure - Fritz!Box: Site-to-Site VPN connection

Pi-hole and DB-Navigator App

Details
Published: 29 January 2018

DB Navigator AppI just tried to book a train ticket via the DB Navigator app on an Android mobile from within my home network wich is using Pi-hole as DNS server to block advertising.

Picking the connection works fine, but once you try to book a ticket, you will get a warning unless you whitelist the following domains:

  • dpm.demdex.net
  • m.exactag.com
  • tags.tiqcdn.com
  • track.adform.net

(Maybe one can get away with a subset of those)

Demdex seems to be a Adobe service called "Adobe Audience Manager":

It’s a data management platform (DMP) that helps you build unique audience profiles so you can identify your most valuable segments and use them across any digital channel.

(https://www.adobe.com/data-analytics-cloud/audience-manager.html)

Exatag describes itself as:

Exactag combines classic marketing mix modeling and digital marketing attribution to create a revolutionary new cross-media approach: marketing mix attribution.
The result is a comprehensive platform for increasing efficiency across all digital and analogue marketing activities.

(https://www.exactag.com/en/)

Tiqcdn domain seems to belong to Tealium:

Tealium is a US American company [...] that sells enterprise tag management and marketing software.

(https://en.wikipedia.org/w/index.php?title=Tealium&oldid=807343845)

Adform is described as:

Adform is a global digital media advertising technology company. Based in Copenhagen, Denmark the company operates globally with its primary presence concentrated in the European, UK, and US markets. The company was the first pan-European DSP (Demand-side platform) [...]

(https://en.wikipedia.org/w/index.php?title=Adform&oldid=817305135)

 

Good to know you are always on the right  being "tracked" using the DB-Navigator app...

Intel Core i7-6700K bent by CPU cooler "be quiet! DARK ROCK PRO 3"

Details
Published: 01 December 2017

My PC stopped working from out of sudden. No BIOS, no BEEP, nothing.

After checking all components OK, the last piece of the puzzle had to be the CPU (Intel Core i7-6700K) so I ordered a new mainboard and a new CPU.

The new mainboard + CPU arrived, have been installed and everything is working fine again.

Having the CPU laying around on my desk, I played around with it, and noticed, that the substrate looked somehow bent. I compared it to the CPU socket and the "dents" in the substrate perfectly match some plastic spacers of the socket 1151.

Searching for "Skylake bent" on the internet, brought my attention to this site: Skylake: Kühler können Sockel-1151-CPUs beschädigen

 I suspect that the cooler (be quiet! - DARK ROCK PRO 3) bent the substrate of the CPU over the course of 2 years until it failed.

The components involved:

  • CPU: Intel Core i7-6700K
  • Mainboard: ASUS Z170-A
  • Cooler: be quite! DARK ROCK PRO 3
  • Case: be quiet! Silent Base 800

The PC was assembled by me in October 2015 and broke down in November 2017. It was never moved, transported or physically abused (which would explain such a deformation).

Be aware of this issue if you use a heavy CPU cooler like the be quiet! DARK ROCK PRO 3. I will try to reach out to be quite! to see if there have been reports of those kind of incident.

UPS PIco HV3.0A Stack Plus on LibreELEC

Details
Published: 09 March 2017

I am currently trying to make the UPS PIco HV3.0A Stack Plus from πmodules fly on LibreELEC 8 running on a RASPBERRY PI 3 MODEL B. I'll update this post as I make progress.

First of all, all stuff is in place in regards to the drivers needed for the RTC part (as I got many request regarding those drivers. They are in place, you do not have to do anything).
You can check the existence on your system with "cat /lib/modules/$(uname -r)/modules.builtin" for drives build statically into the Kernel and "ls ls /lib/modules/$(uname -r)/kernel/drivers/rtc" for the drivers compiled as module.

  • rtc-ds1307 is available as module
  • i2c-dev is compiled into the Kernel
  • i2c-bcm2708 is compiled into the Kernel

On the software side two Python packages are missing: XMLTODICT and JINJA2.

  • To enable picofssd to talk to the PIco, you need to install the addon "rpi-tools" which provides RPi.GPIO
  • To read the config file for picofssd we need xmltodict.
  • To send emails we need to download & compile "jinja2"
    This is on my TODO-List - didn't set up a LibreELEC dev system yet
    We can easily work around this flaw by deactivate the eMail feature.
    --> Comment out the instantiation of the sendEmail class, its invocation and self.alert_email() in the python script "picofssd" (e.g. in PiModules/code/python/upspico/picofssd/scripts or edit it in the new location after installation e.g. /storage/upspico/usr/bin)

Read more: UPS PIco HV3.0A Stack Plus on LibreELEC

Download JAVA JRE JDK via the commandline

Details
Published: 02 July 2016

Sick of firing up a web browser, downloading JRE or JDK to your desktop and scp it to the server you are updating?

I was:

wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u92-b14/jdk-8u92-linux-x64.tar.gz

If you are using Gentoo, you can use this script.