A month of Mobian
#11
(04-10-2021, 11:56 PM)RTP Wrote:
(04-08-2021, 02:56 PM)Ri3qXkW4hjb Wrote: My desktop (debian) got disconnected from its network each time I plugged in the pine phone. USB networking 

On your #10 try the ifmetric command. It allows you to change routing device priority. Allowing you to use internet while having your device hooked up (so 'ethernet' does not take over priority).

This got me going in the right direction: route metrics. USB gets a higher default priority (metric 100) than wifi (metric 600). Lower numeric metrics are higher priority, so traffic goes to the route with the lowest numeric metric.

Show metrics
To know what effect anything's having, I need to read the current metrics. The route tool and nmcli are both useful. The first example shows all routes and their metrics. The second one shows the metrics for the wireless network called PineNet.

Code:
/sbin/route -n

Code:
nmcli connection show PineNet | grep route-metric


Change current metric
To change the current metric for an interface, ifmetric and nmcli work. I prefer nmcli since I'm using it elsewhere, and it's included in the base packages for Mobian (by being part of NetworkManager). If desired, ifmetric is easy enough to get with apt install ifmetric. The examples below each set the wlan0 interface's routes' metrics to 8. This does not persist over restarting the network or interface, or over system restarts.

Code:
ifmetric wlan0 8

Code:
nmcli device modify wlan0 ipv4.route-metric 8


Change connection metric
To make the route metrics persist for a specific "connection", nmcli works. Connections are stored configuration for network interfaces, and can be used variously. Wifi is a typical way to use connections - each wifi network is a different connection for the SSID and key. The routing metric can also be added. However, this would need to be done for each wifi network. The first example below changes the metric for the PineNet wireless network to 8. The second one is my solution, to change the USB interface's routes' metrics to 1024.

Code:
nmcli connection modify PineNet ipv4.route-metric 8


Code:
nmcli connection modify 'Wired connection 1' ipv4.route-metric 1024


Automatic metrics
With my goal and setup, I'm lucky. I can just set the USB network's metric to be significantly larger than 600. I also considered changing all of the wifi connections' metrics, too. Glad I don't have to. I didn't test it, but this answer looked promising, for a way to affect all connections on an interface. I might use that later to make changes to wifi, e.g. to more thoroughly disable LLMNR across all connections including future wifi networks.
  Reply
#12
(04-13-2021, 02:56 AM)kqlnut Wrote:
(04-12-2021, 10:47 AM)wibble Wrote:
(04-11-2021, 04:15 AM)kqlnut Wrote:
(04-09-2021, 11:56 PM)MtnSk8 Wrote: I don't see any solution other than to move the speaker or mic (or maybe a louder earpiece spkr). Undecided
That's what echo cancellation is for, but I couldn't find much about how/if this is implemented in Pinephone distributions. Only some stuff regarding the Librem 5, but audio routing is handled very differently there as far as I know. Does anybody have more info on that?
Last time I looked it wasn't implemented yet. It _should_ be possible to use the PulseAudio echo cancellation plugin, but it was crashing when I tried it. That may just mean I wasn't using it correctly though. It probably needs to be built into the audio profiles, but they were work in progress at the time.
Thanks for the info! Do you know of any GitLab issue or something where I can track the progress on this? I couldn't find anything on that.

Not going to be working with PulseAudio because the audio is routed in hardware: https://gitlab.com/mobian1/callaudiod/-/issues/13
  Reply
#13
On the firewall todo, I was able to get the firewall working without any issues with the following setup:
1. install iptables-persistent via apt-get
2. Here's a config similar to what I used in /etc/iptables/iptables.v4:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]


# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


# Let ssh in for some hosts
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -s <host to allow> -j ACCEPT
-A INPUT -p icmp -m state --state NEW -s 192.168.6.100 -j ACCEPT


# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IPTABLES IN: "
-A INPUT -j DROP
COMMIT

2. Here's a config similar to what I used in /etc/iptables/iptables.v6:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]

# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IP6TABLES IN: "
-A INPUT -j DROP

COMMIT


As far as I can tell it hasn't blocked any of the normal functionality of the device(calls/sms still work). Though obviously it will depend on your use cases.
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Mobian Bulleyes aberrio 0 80 12-16-2024, 08:27 AM
Last Post: aberrio
  Mobian, Suspend, and Audio Playback biketool 0 128 12-11-2024, 12:56 AM
Last Post: biketool
  Upgrade to Mobian (Trixie) Staging biketool 12 701 12-06-2024, 05:46 PM
Last Post: vusra
  how to update mobian over tor vusra 14 9,484 12-04-2024, 07:01 PM
Last Post: vusra
  bookworm vs trixie discussion for mobian in pinephone regular. zetabeta 41 9,483 11-27-2024, 10:39 AM
Last Post: fernando_c_m
  atinout binaries for mobian/debian? NeutralGrey 4 1,526 10-31-2024, 04:16 AM
Last Post: astylethargic
  Mobian-Kicksecure? 3460p 0 922 05-26-2024, 02:09 PM
Last Post: 3460p
  Mobian repository status henrythemouse 16 12,450 04-10-2024, 10:02 AM
Last Post: diederik
  cant verify mobian image at website gnugpg penguins_rule 0 972 03-18-2024, 08:54 PM
Last Post: penguins_rule
  mobian installed to eMMC - how to install tow-boot grump_fiddle_reinstall 6 4,131 11-22-2023, 11:46 AM
Last Post: aLoop100o

Forum Jump:


Users browsing this thread: 1 Guest(s)