A month of Mobian
#11
(04-10-2021, 11:56 PM)RTP Wrote:
(04-08-2021, 02:56 PM)Ri3qXkW4hjb Wrote: My desktop (debian) got disconnected from its network each time I plugged in the pine phone. USB networking 

On your #10 try the ifmetric command. It allows you to change routing device priority. Allowing you to use internet while having your device hooked up (so 'ethernet' does not take over priority).

This got me going in the right direction: route metrics. USB gets a higher default priority (metric 100) than wifi (metric 600). Lower numeric metrics are higher priority, so traffic goes to the route with the lowest numeric metric.

Show metrics
To know what effect anything's having, I need to read the current metrics. The route tool and nmcli are both useful. The first example shows all routes and their metrics. The second one shows the metrics for the wireless network called PineNet.

Code:
/sbin/route -n

Code:
nmcli connection show PineNet | grep route-metric


Change current metric
To change the current metric for an interface, ifmetric and nmcli work. I prefer nmcli since I'm using it elsewhere, and it's included in the base packages for Mobian (by being part of NetworkManager). If desired, ifmetric is easy enough to get with apt install ifmetric. The examples below each set the wlan0 interface's routes' metrics to 8. This does not persist over restarting the network or interface, or over system restarts.

Code:
ifmetric wlan0 8

Code:
nmcli device modify wlan0 ipv4.route-metric 8


Change connection metric
To make the route metrics persist for a specific "connection", nmcli works. Connections are stored configuration for network interfaces, and can be used variously. Wifi is a typical way to use connections - each wifi network is a different connection for the SSID and key. The routing metric can also be added. However, this would need to be done for each wifi network. The first example below changes the metric for the PineNet wireless network to 8. The second one is my solution, to change the USB interface's routes' metrics to 1024.

Code:
nmcli connection modify PineNet ipv4.route-metric 8


Code:
nmcli connection modify 'Wired connection 1' ipv4.route-metric 1024


Automatic metrics
With my goal and setup, I'm lucky. I can just set the USB network's metric to be significantly larger than 600. I also considered changing all of the wifi connections' metrics, too. Glad I don't have to. I didn't test it, but this answer looked promising, for a way to affect all connections on an interface. I might use that later to make changes to wifi, e.g. to more thoroughly disable LLMNR across all connections including future wifi networks.
  Reply
#12
(04-13-2021, 02:56 AM)kqlnut Wrote:
(04-12-2021, 10:47 AM)wibble Wrote:
(04-11-2021, 04:15 AM)kqlnut Wrote:
(04-09-2021, 11:56 PM)MtnSk8 Wrote: I don't see any solution other than to move the speaker or mic (or maybe a louder earpiece spkr). Undecided
That's what echo cancellation is for, but I couldn't find much about how/if this is implemented in Pinephone distributions. Only some stuff regarding the Librem 5, but audio routing is handled very differently there as far as I know. Does anybody have more info on that?
Last time I looked it wasn't implemented yet. It _should_ be possible to use the PulseAudio echo cancellation plugin, but it was crashing when I tried it. That may just mean I wasn't using it correctly though. It probably needs to be built into the audio profiles, but they were work in progress at the time.
Thanks for the info! Do you know of any GitLab issue or something where I can track the progress on this? I couldn't find anything on that.

Not going to be working with PulseAudio because the audio is routed in hardware: https://gitlab.com/mobian1/callaudiod/-/issues/13
  Reply
#13
On the firewall todo, I was able to get the firewall working without any issues with the following setup:
1. install iptables-persistent via apt-get
2. Here's a config similar to what I used in /etc/iptables/iptables.v4:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]


# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


# Let ssh in for some hosts
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -s <host to allow> -j ACCEPT
-A INPUT -p icmp -m state --state NEW -s 192.168.6.100 -j ACCEPT


# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IPTABLES IN: "
-A INPUT -j DROP
COMMIT

2. Here's a config similar to what I used in /etc/iptables/iptables.v6:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]

# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IP6TABLES IN: "
-A INPUT -j DROP

COMMIT


As far as I can tell it hasn't blocked any of the normal functionality of the device(calls/sms still work). Though obviously it will depend on your use cases.
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Axolotl on PinePhone / Mobian arno_nuehm 138 40,025 11-24-2021, 02:46 PM
Last Post: Anna
  Mobian and Deep Sleep Crust some_pinephone_user 1 226 11-14-2021, 07:05 AM
Last Post: some_pinephone_user
  Mobian kernel upgrade user641 4 397 11-10-2021, 01:22 PM
Last Post: user641
  Setting up Mullvad to run on Mobian Azathoth 2 193 11-09-2021, 01:03 AM
Last Post: j4n3z
  Sound design for Mobian S.E.B 3 256 11-08-2021, 05:34 PM
Last Post: TRS-80
  cryptocurrency on mobian/pinephone biketool 13 752 11-05-2021, 08:05 AM
Last Post: ryo
  How to Make Mobian Boot to Command Line Ubermunchen 4 360 11-02-2021, 08:34 AM
Last Post: ryo
  Mobian MMS/SMS text problem bcnaz 11 1,826 10-26-2021, 10:52 PM
Last Post: bcnaz
  Using new hub for Mobian "Bookworm" county93 7 963 10-11-2021, 11:32 AM
Last Post: county93
  Mobian can't see OpenVPN is installed. C0ffeeFreak 8 1,514 10-05-2021, 08:35 PM
Last Post: county93

Forum Jump:


Users browsing this thread: 2 Guest(s)