Press "Enter" to skip to content

nuxx.net Posts

CF Card Hole in Netgate alix2d13 Enclosure

This morning when a beta version of pfSense on my PC Engines alix2d13-based firewall crashed I decided to make it easier to swap the CompactFlash card from which the OS runs. While physical access to the card is not normally required to upgrade the OS, there have been a few cases recently where I had to remove the card and image it. After the third time of removing 12 fasteners just to remove the card I decided to follow pfSense developer Jim-P’s example cut a hole in my firewall’s enclosure.

After marking the CF card location in the case and stripping it, only three cuts with a small cut-off wheel were needed to make the long cuts, then the remaining bits of metal were easy to bend out of the way with a flat-blade screwdriver. A bit of quick smoothing and deburring work with small files resulted in a nice, smooth hole through which the CF card easily fits. While the card remains not hot swappable, it’ll be much easier to remove the card should I need to access the card from another machine. Since the card sits a bit inside the face of the enclosure I had to add a tape flag to make it easy to remove. Pushing it back in is a little awkward as well, but as this won’t be done much it shouldn’t be a problem.

Here’s a few photos taken tonight while cutting the hole in the case:

· After marking the enclosure was clamped to some very dense foam for cutting with a cutoff wheel.
· More cuts made with the cutoff wheel. After this point the metal was gently bent away and the hole was filed.
· Looking at the Netgate enclosure from inside showing the nice alignment with the CF card slot.
· Front view of the Netgate enclosure with a CF card hole cut in it.
· The CF card fits very nicely in the hole.
· View from inside showing how well the CF card fits.
· Because the CF card will not hang out of the slot tape was added to facilitate extraction.
· CF card placed in the alix2d13 board via the hole in the Netgate enclosure.

Now to wait for the next build to come out and reimage my CF card. This build should contain three ftp helper changes that should resolve the issue I had this morning. Hopefully a problem that I had with disappearing certificate authorities is also fixed.

Leave a Comment

Life in a Day

Arriving home from picking up a pizza I noticed that I’d just received a message from Jeff informing me of a live premier stream of Life in a Day (Wikipedia, Google, Google Blog). I’m both extremely thankful that Jeff sent this glad that I began watching it, because it was absolutely captivating.

This film was comprised completely of crowdsourced footage all filmed on July 24th 2010 assembled into a stunning portrait of life across the world. I couldn’t help but be reminded of Godfrey Reggio films such as Koyaanisqatsi and Naqoyqatsi, but for some reason this felt significantly more engaging. Apparently this is going to be released by National Geographic and I must strongly recommend watching this. It is truly wonderful.

Leave a Comment

2011 North American International Auto Show

After leaving work today at the RenCen I hopped on the the nation’s stupidest public transport system to visit the North American International Auto Show. I was originally planning on going with some new coworkers during the day, but actual work got in the way of that so I decided to go by myself afterward.

The show was as expected, but worth the $12 admission as I got to wander around and look at interesting things, ride in a Chevy Volt on a small indoor test track in the basement, see a microscope that I would really like to have (a Vision Engineering Lynx Dynascope), and the smart fortwo seen above showing off it’s incredible strength by holding up a (52.2 lb) Magna Excitor 2x Dual Suspension not-for-off-road-use Terrain Bike.

Leave a Comment

TED 5000-G Webserver is a Deal-Breaker

Last week I received a TED 5000-G from Energy, Inc., one of their The Energy Detective products. This home power monitoring device sits in one’s electrical panel and logs energy consumption, calculates cost, and displays all this info in near-real time via some web-based software called Footprints. This software runs off of the Gateway piece of the system, and a live demonstration of it can be seen here.

Unfortunately, this software has one fatal flaw in that it in normal use in my network it responds to HTTP requests with HTTP/1.1 414 Request-URI Too Long. After not very much digging I found that this happens every time the HTTP request to the Gateway includes a cookie. When your browser has a cookie for a website any websites that are visited that are on subdomains of where the cookie was set will also be sent the cookie. Therefore, cookies set by my site (https://nuxx.net) also get set when visiting the Gateway’s internal address on my network (http://ted.home.nuxx.net) and thus the device doesn’t work.

Specifically, here’s Firefox on my main machine accessing the Gateway immediately after clearing cookies. Text in red is the request from my browser, and text in blue is the response from the Gateway redirecting my browser to Footprints.html. This is normal, expected behavior:

GET / HTTP/1.1
Host: ted.home.nuxx.net
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Expires:0
pragma:no-cache

<meta http-equiv="refresh" content="0;url=Footprints.html">

After this I visited nuxx.net where some simple Google Analytics tracking cookies were set and tried to access the gateway again. Note that the only difference is cookies being sent, and the 414 response:

GET / HTTP/1.1
Host: ted.home.nuxx.net
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __utma=23010084.1066362494.1295494794.1295494794.1295494794.1; __utmb=23010084.1.10.1295494794; __utmc=23010084; __utmz=23010084.1295494795.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

HTTP/1.1 414 Request-URI Too Long
Connection: close

414 Request-URI Too Long: Buffer overflow detected

This problem makes the device unusable for me. There are two discussions about this issue in TED’s support forums about this issue (#1, #1 PNG Mirror, #2, #2 PNG Mirror) which indicate that there is only 100 bytes available to service the request and that the developers may be adding another 20 bytes.

As a workaround it’s proposed that the Gateway instead be accessed by only its hostname (without the domain name, eg: http://ted) or IP address (eg: http://192.168.0.17), which ensures that no cookies are sent because it’s unlikely that any would have ever been set for those addresses. I feel these workarounds are a stopgap at best and seriously fail if one ever wishes to access the TED data from the public internet or on a well-managed, convenient network. After all, we have DNS so that (potentially changing) IPs don’t need to be remembered and/or discovered, and FQDNs because hierarchal naming is good. It would be possible to use a proxy sitting in front of the Gateway to remove cookies and make the requests more acceptable to the firmware, but I’m not particularly interested running another server just to work around this device’s shortcomings.

Since a variety of cookies could end up being sent by a modern browser I don’t think that the developer’s proposed solution of adding 20 bytes to the buffer will not solve the problem. While I’ve got a limited knowledge of embedded development, I’d think that the developers should instead should simply discard the cookie when reading it into the buffer. After all, the cookie is plaintext in the frame, begins with Cookie:, is terminated with a standard \r\n, and just comes across from the Ethernet controller as serial data. I can’t see why it couldn’t be parsed out if it’s too large to stuff into a buffer. Then again, I suppose this issue could also be caused by clients that have a particularly long User-Agent, really long hostnames, or any other number of other things which could expand the size of the request.

(Thinking about this further, I also believe that only the GET / HTTP/1.1 is the URI which is the same length in both cases. Perhaps the Gateway should really be returning a 413 Request Entity Too Large if it feels the length of the request itself is too long?)

Today I called for an RMA for my TED 5000-G, and after receiving it called back to speak with tech support. I mentioned this issue to the person with whom I spoke, and unfortunately I don’t think he quite understood the problem and instead seemed to be offering to try upgrading the firmware to resolve it. He also stated that he doesn’t have access to firmware changelogs so he can’t tell me if the issue is fixed in a future or beta release, or even if it will be fixed. When I send the device back I’ll be including this letter explaining why I’m returning it. Save for this hugely annoying issue the device seemed to work rather well, so if Energy, Inc. can resolve the problem I’d love to keep it. However, something that doesn’t function with modern browsers and network setups isn’t worth $199.95.

(Mirrored forum discussions were captured at 23:09 EST on 19-Jan-2011. Software versions as reported in Footprints are as follows: Gateway Version 1.0.400, Daughterboard Version 1.0.48, Footprints Version 1.0.222, MTU Version 1.0.0. All information above is only representative of these versions.)

7 Comments

Angry Birds Without Ads Coming In 2011

A month ago I posted about my frustrations with video ads in Angry Birds on Android and how there was no pay option. At the same time I emailed Rovio to inform them of my frustration with the video ads and asked when a for-pay version of their software may be available. A couple days ago I received the following response from Rovio informing me that an option to pay and opt out of ads will become available later this year:

Hello Steve,

and thanksd for contacting us.

Sorry hear you decided to uninstall the game.

A payment option to opt out of the ads will be introduced worldwide this year.

Best Regards,

Oona Hilkamo
Angry Birds Community Champ
Rovio Mobile Ltd.

I’m anxiously looking forward to this because I do enjoy playing Angry Birds, but I simply do not want to support the software’s authors by viewing commercials.

1 Comment

Tasty British Treats

A package that I’d been looking forward to arrived today from Dominic. Inside was some nifty software and a whole assortment of wonderfully British treats, including proper Sellotape (!!!), curry noodles (ramen-like, I believe), a resupply of PG Tips, some silly buttons, a cute WWF card, and some wonderful-looking candy, including a Curly Wurly which Danielle loved when we were in the UK back in 2008. This is wonderful. Not only is there a bunch of stuff to munch on, but I shouldn’t run out of tea for a while and can (hopefully finally?) do some nifty things to a map that I’ve been working on. Yay! This is great!

(Yes, I know that the arrangement of the photo is terrible. Sorry. I was being lazy.)

2 Comments

Stout Blowout!

48 hours after pitching yeast into the Lazy Stout I arrived home to find that the krausen had blown out the airlock. This surprise me, as it’s not a high gravity beer and didn’t seem to be particularly thick. Looks like the yeast is definitely doing its job, though.

2 Comments

Rebuilt Keg, Force Carbonation Test

When I purchased my beer kegging supplies the keg came used, complete with some flavor of Canada Dry residual liquid sloshing around inside. It’s common to buy used kegs for home brewing, and I knew that before I used it I’d have to rebuild it and replace all the o-rings to ensure no off flavors contaminate the beer.

This evening I pulled the keg apart, scrubbed all parts with a sodium percarbonate solution, then reassembled it with food-safe grease and new seals. After assembly and pressure testing I filled it with filtered tap water and set it up as seen above. This 15psi supply of CO2 should force carbonate the water to 2.5 volumes (or so) of CO2, depending on how cold the water actually ends up. After proving out that this method works I’ll then try it on one of the future batches of beer, carbonating it either in the garage or a kegerator, if I assemble one.

For more information on force carbonating, take a look at this article.

Leave a Comment

XC Skiing on MLK Day

Being Martin Luther King, Jr. Day I headed out to Stony Creek to do some XC skiing. While the trails weren’t groomed, there was enough of a track worn in that skiing was still fun. (Photo) I ended up skiing lots of two track, likely totaling somewhere around 8 miles.

Before leaving the house I fitted this year’s joint Metroparks / Oakland County Parks. Despite costing $48, this pass is an excellent buy for anyone who regularly goes to both organization’s parks, particularly someone like me who doesn’t live in Oakland County. While the normal price for an annual Metroparks pass is only $25, the non-resident Oakland County Parks pass is a whopping $45. Thus, by purchasing the joint pass (also known Parks Perks Pass) it’s $22 cheaper for me to get access to all the parks than it would be if I’d bought the passes separately.

Leave a Comment

Lazy Stout!

One week after brewing the Area 51 IPA kit I decided to use up some other beer ingredients from around the house and threw together this quick stout. I’d had a four pound can of Mountmellick “Famous Irish Style Stout” Hopped Malt Extract, so on the recommendation of the local brewing supply store I added a 3.3 pound can of Thomas Coopers’ dark liquid malt extract and set it to ferment with a leftover packet of Safale US-05 (PDF) yeast. I’d considered adding more hops, but I was told that hopped extracts are usually aggressively flavored and thus it’s probably not necessary.

With 6.5 gallons of water + extract in the pot I set to boiling it. Danielle and I took turns near the kettle so I could run in the house and fetch supplies. After an hour of boiling I was able to cool the wort and set exactly five gallons to ferment, and here it is. While this isn’t a complicated recipe, I hope it’ll result in something quick and easy that Danielle and I both enjoy the taste of. There isn’t much krausen on the beer now but it does seem to be producing enough CO2 to be coming along well.

This should come out to about 5.25%, but we’ll see once the numbers are done in a week or so:

OG: 1.053
FG: 1.021
ABV: 4.2%

I think that next I’ll try and make some manner of Ginger Beer. I’m not sure if it’ll simply be a carbonated soda or something fermented, but ginger does sound tasty.

Leave a Comment